[Samba] Samba Permissions Problem

Robert Steinmetz AIA rob at steinmetznet.com
Thu Jan 21 14:08:32 MST 2010

I need help understanding what is happening and trouble shooting.

I have two servers running Samba 2.3.3, one as a Domain Controller one 
as a Member Server. Both are running Ubuntu 8.10. smbd, nmbd and 
winbindd using the tdb back end are running on both.

I have two shares on the member server and as far as I can tell they are 
identical. [Projects] works as expected but [Windows] always asks for a 
login name even though the smb.conf entries for both are are the same. 
If I comment out the "force group" in [Windows] users can access the 
share but there are errors writing and creating files. If I create a new 
share it acts as the [Windows] share.

Here are the share definitions and a list of the files in the directory;

        Comment = Project Files
        path = /files/Lucretia/Projects
        writeable = yes
        browseable = yes
        create mask = 0764
        directory mask = 0775
        force group = "ATLANTA\domain users"

        comment = Atlanta Windows Files
        path = /files/Lucretia/Windows
        browseable = yes
        writeable = yes
        create mask = 0764
        directory mask = 0775
        force group = "ATLANTA\domain users"

root at louise:/files/Lucretia# ls -l
total 66
drwxrwsr-x   2 root          10001    48 2008-07-17 03:17 Arris
-rw-r-Sr--   1 root          10001  5952 2008-07-17 04:25 list
drwxrwsr-x  74 ATLANTA\rob   10001 17040 2009-12-17 15:25 Office
drwxrwsr-x  67 rob           10001 14456 1969-12-31 19:00 Office.orig
drwxrwsr-x  51 ATLANTA\trish 10001  4528 2010-01-14 14:26 Projects
drwxrwsr-x   8 ATLANTA\rob   10001   400 2009-07-10 15:52 Sigma
drwxrwsr-x   6 rob           10001   304 2008-07-17 02:50 Sigma.old
drwxrwsr-x 314 ATLANTA\trish 10001 24280 2010-01-13 09:49 Windows

Testparm shows no problems although it does rearrange the share 
definitions somewhat.

The problem must be in windows permissions but I don't know how to check 
them, especially since I have only ssh access because the site is 
remote. I have to rely on local users for testing.

How can I get a list of ATLANTA\domain admin group users?

How can I change the permissions?
Robert Steinmetz, AIA
Steinmetz & Associates

More information about the samba mailing list