[Samba] write problem from mac osx 10.8.5 clients to samba 4

[Athan DE JONG]

Hi Jason
I used exactly the same procedure that you described. I forgot about "CREATOR OWNER" but after test no changes.
I googled a lot around and found many people experimenting issus whith the mac osx SMBX implementation.


can provide me some precisions that could help me eliminate cetains points :

Did you provisioning samba with The --use-rfc2307 option ?
What is the version of your Mac OSX ?
Are you able to write from mac osx to another shared directory than the "users home dir" ?

Once again thanks for your detailled reply and help !
 
Kind regadrs, Athan



________________________________
 De : Jason MacChesney <jason.macchesney at ecacs16.ab.ca>
À : Athan DE JONG <athan.dejong at yahoo.fr> 
Cc : "samba at lists.samba.org" <samba at lists.samba.org> 
Envoyé le : Vendredi 4 octobre 2013 19h31
Objet : Re: [Samba] write problem from mac osx 10.8.5 clients to samba 4
 


Hey Athan, in order to do what you want this is what I would do in my environment; I would create the share in my smb.conf. Then create the directory on the server. I would populate a group for using the share, either on the server using samba-tool or using the snap-in. Then jump over to my Windows 7 machine, go to \\MY_SERVER, right-click my share, tab>security, and set full control permissions to CREATOR OWNER, SYSTEM, Domain Admins, and the group that's been created for this share. I would then instruct the people in that group that in order to access the share they need to open a finder, click GO > Connect to Server. Then they would need to mount the share using smb://MY_SERVER/SHARE ...they may need to enter their AD credentials at this point.


I have no idea what the map UID, GUID implications are in directory utility, sorry! Good luck!



On Fri, Oct 4, 2013 at 10:02 AM, Athan DE JONG <athan.dejong at yahoo.fr> wrote:

Hi Jason
>
>
>Thanks for your answer ! 
>
>
>sorry for the delay of my reply i'm very busy this times.
>
>
>glad to hear that you was able to deploy OSX in samba !
>
>
>so your mac osx is bind-ed and you can read/write to your home directory on the server ?
>
>
>can you read/write to another samba share ?
>
>
>My problem is a little different as i'm not using roaming profiles. The choice of samab 4 was that we later have to setup mail service on the same server and so we will be able to use the AD for this later.
>My goal for the moment is to share a public folder for a specific group of users !
>
>
>my mac osx is bind-ed to AD i am able to read and delete files but not to write files to the samba share
>My mac user has full acl and posix righs for the test and the message from finder is that i "dont have access to some of the items".
>
>
>As i'm really not a mac specialist i was asking my self what about the map UID,GUID options in the Directory utility advanced options ?
>
>
>Thanks again for your detailed answer, may you can give me another hint :)
>
>
>Kind regards, Athan
>
>
>
>________________________________
> De : Jason MacChesney <jason.macchesney at ecacs16.ab.ca>
>À : Athan DE JONG <athan.dejong at yahoo.fr> 
>Cc : "samba at lists.samba.org" <samba at lists.samba.org> 
>Envoyé le : Jeudi 3 octobre 2013 16h40
>Objet : Re: [Samba] write problem from mac osx 10.8.5 clients to samba 4
> 
>
>
>Hey Athan, I was able to deploy OSX in a samba4 environment. Here is my procedure:
>
>
>go to System Preferences > User and Groups and create a new account with admin privileges. This will be developed into a default profile for domain users. Log out and in with the user.
>
>
>Open Keychain Access and delete "Login"
>
>Spend some time opening all the applications on the operating system, registering all welcome prompts, and performing all necessary updates/changes.
>
>
>
>**THIS MAY BE WHAT YOU'RE LOOKING FOR"**
>Go back to System Preferences > User and Groups. Right-click the appropriate account > Advanced Options: set the Home Directory to smb://[REALM_OF_DC]/$USER
>
>
>Open a terminal: 
>sudo rm /Users/[new_default_account]/Library/Caches/*
>sudo rm -rf /System/Library/User\ Template/English.lproj/*
>
>cd /System/Library/User\ Template/English.lproj/
sudo rsync -rav /Users/[new_default_account]/ . (that's a period, so you're copying into the present working directory above)
>
>
>Apple > Recent items > Clear Menu
>Reboot into your normal Admin account. 
>
>Disk utility > repair disk permissions
>Delete the account that's been set up. 
>
>
>
>As Admin, let's bind to the domain controller. Head back to Users and Groups and head to Login Options.
>Edit Network Account Server > Open Directory Utility > Active Directory
>
>Bind to your active directory FQDN. 
>
>Under User Experience, uncheck both "Create mobile account at login" and "Force local home directory on startup disk."
>
>
>The one other clincher, I think, was going to the ADUC snap-in and mapping the home directory for all users.
>
>
>
>On Thu, Oct 3, 2013 at 6:04 AM, Athan DE JONG <athan.dejong at yahoo.fr> wrote:
>
>Hi 
>>
>>I have setup a samba 4 DC with mixed client environment.
>>My problem is that the mac osx client are unable to write to a samba 4 share.
>>
>>I tested mac osx clients on a normal windows 7 share and it works fine
>>I tested mac osx clients on a samba 3.5 .. share and everything works fine.
>>
>>As i am in a professional environment and all the windows clients are already binded to the samba 4 domain i can not step back to samba3.
>>
>>My mac osx clients are binded and im able to view/edit active directory from the mac.
>>
>>My only issue is that i can not write to the samba 4 shares. i have verified all about permissions, and my thought is that mac osx confuses unix and acl rights.
>>
>>Is there a workaround or a special thing to do regarding UID map GUID map
>>
>>please be aware that i'm not a mac specialist, but have to handlwith it because of professional reasons.
>>
>>i am searching a solution for weeks now and really need some help !
>>
>>Kind regards
>>--
>>To unsubscribe from this list go to the following URL and read the
>>instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>
>