[Samba] XP Administrator has no access to shares

[Gémes Géza]

Hi Steve,

Answers below
> Hi Géza
>
> Thanks for your patience.
> Lets take this share:
> [home]
> path = /home2/home
> read only = No
>
> 1. Could you tell me what I need to add to enable Administrator to 
> have full control over it?
The most probable cause of not having access is that Administrator has 
no access to the underling filesystem, so I would do a setfacl -R -m 
u:Administrator:rwx,d:u:Administrator:rwx /home2/home  It could have two 
results: 1. everything starts working, 2. it complains, that couldn't 
find user Administrator which indicates, that you should review your 
winbind and nsswitch config.
> 2. is there a user in the Domain (like root in Linux) who has control 
> over everything? Shares, users, network, the lot?
NO
> 3. Is there a global way of enabling Administrator to be allowed write 
> acess and be able to change permisiions and acl's from the scurity 
> tab? Or must this be done on a per share basis.
Write access and ability to change ACLs (at least using s3fs or samba3 
smbd) comes from the posix access rights and ACLs, so you need to set them.
>
> I made one change to the [global] section:
>
> winbind use default domain = Yes
>
> This drops the ALTEA\ part of the name. Otherwise users cannot 
> authenticate via Kerberos because PAM passes the name as ALTEAuser 
> rather than ALTEA\user to the KDC. with the default domain line it 
> passes the name correctly as just name and krb5 auth works again.
>
> Cheers,
> Steve
Regards

Geza Gemes