[Samba] Excel 'Document not saved' Error when using SMB2 Protocol

Ian CLANCY ian.clancy at valeo.com
Tue Oct 8 08:31:38 MDT 2013

Hi Samba Users,
I'm in the process of building a Samba4 CTDB /GPFS Cluster joined as a
member server to AD that also supports ACL's .
It has taken some time but almost everything is working now :) . My one
outstanding issue is editing files using Excel 2007 on Windows 7 results in
a 'Document not saved' error. I believe this is an issue with the SMB2
protocol as I can edit the same files with the same user and version of
Excel on a Windows XP workstation. Using Wireshark i can see that
communication between the Windows 7 client is using SMB2 . Excel is quite a
strange beast, it creates temporary files etc..
As a test i have set the parameter "client max protocol = NT1" in the
smb.conf of my cluster members but the Win 7 clients continue to use the
SMB2 protocol.

Looking more closely at the communication between the Win 7 client and the
Samba Servers when i attempt a file save in Excel i see that the Client
issues a FILE_INFO/SMB2_FILE_RENAME_INFO request and the samba server
returns a STATUS_ACCESS_DENIED response.

I suspect disabling ACL's would resolve the issue but unfortunately these
are necessary for the project . Ideally i would be able to use SMB2 but it
is not a show stopper if i could force Win 7 clients to use SMB1.

I'm currently using samba 4.0.9 / CTDB 2.4 on Centos 6.4 with GPFS 3.4.0-14.
my smb.conf is pasted below.
Thanks in advance for any comment of feedback.
Ian Clancy
IS Department
Valeo Vision Systems (VVS)

        workgroup = MYNET
        realm = MYNET.BALEO.COM
        netbios name = TESTCLUSTER
        security = ADS
        map to guest = Bad User
        client max protocol = NT1
        unix extensions = No
        clustering = Yes
        winbind cache time = 900
        winbind use default domain = Yes
        idmap config *:range = 1000-90000
        idmap config * : backend = tdb2
        force unknown acl user = Yes
        ea support = Yes
        map archive = No
        map readonly = no
        mangled names = No
        store dos attributes = Yes

        comment = GPFS File System
        path = /gpfstest
        read only = No
        create mask = 0770
        force create mode = 0770
        nt acl support = No
        vfs objects = shadow_copy2, gpfs, fileid
        fileid:algorithm = fsname
        shadow:fixinodes = yes
        shadow:basedir = /gpfstest
        shadow:snapdir = /gpfstest/.snapshots
        nfs4:acedup = merge
        nfs4:chown = yes
        nfs4:mode = special
        gpfs:winattr = yes
        gpfs:sharemodes = yes

This e-mail message is intended only for the use of the intended recipient(s).
The information contained therein may be confidential or privileged,
and its disclosure or reproduction is strictly prohibited.
If you are not the intended recipient, please return it immediately to its sender 
at the above address and destroy it. 

More information about the samba mailing list