Samba + ADS - Filepermissions home directories

Mona Meyer meymona at gmail.com
Wed Jul 15 10:47:58 MDT 2009

I configured winbind, samba and pam.d to authenticate via our Windows Active
Directory Server.

Everything works fine, I can log on to the system using my Windows Account
credentials, I am also able to access the samba home share, but I have no
write permissions there.

What I don't get is: When I give read-write access to everybody (chmod 777
/home/%USER%), I am able to create and delete files. If I then create a new
file (via the network share), the file is created by the owner of
/home/%USER%. But if the system identifies me as the owner, why was I
not able to create the file before changing the file permissions?

[global]
   workgroup = WORKGROUP
   server string = %h

   security = ADS
   winbind separator = +
   winbind cache time = 10
   password server =
   encrypt passwords = yes
   client use spnego = yes

   idmap uid = 10000-20000
   idmap gid = 10000-20000

   template shell = /bin/bash
   template homedir = /home/%U

   winbind use default domain = yes
   winbind enum users = yes
   winbind enum groups = yes

[homes]
   comment = Home Directories
   browseable = no
   read only = no
   create mask = 0700
   directory mask = 0700
   valid users = WORKGROUP+%S

after chmod 777:

debian:/home/USER# ls -la
-rwx------ 1 USER domain-user    0 15. Jul 16:45 test

