[Samba] Not using AD group when writing file

Rowland Penny rowlandpenny at googlemail.com
Tue Dec 16 11:47:55 MST 2014 

On 16/12/14 17:35, Carl Carpenter wrote:
> Forgot to mention that the permissions are also incorrect.  They are
> supposed to be 775 but come out as 744.
>
> Carl Carpenter
> Director, Information Services
> Hill Country MHDD Centers
> (830)258-5414 or ext. 2038
>
>
> On 12/11/2014 4:13 PM, Carl Carpenter wrote:
>
> Per your request
>
>    [global]
>          workgroup = HCCMHMRC
>          realm = HILLCOUNTRY.LOCAL
>          server string = Samba Server Version %v
>          security = ADS
>          log file = /var/log/samba/log.%m
>          max log size = 50
>          wins server = 192.168.0.7
>          default service = global
>          template homedir = /home/HCCMHMRC
>          template shell = /bin/bash
>          winbind enum users = Yes
>          winbind enum groups = Yes
>          winbind use default domain = Yes
>          idmap config * : range = 16777216-33554431
>          idmap config * : backend = tdb
>          cups options = raw
>
> [Intranet]
>          path = /home/Intranet
>          valid users = @intranet
>          read only = No
>
> Not sure what you mean by ACL on the folder but here's this:
>
> drwxrwxr-x   6 apache intranet 4096 Dec 10 14:34 Intranet
>
> Carl Carpenter
> Director, Information Services
> Hill Country MHDD Centers
> (830)258-5414 or ext. 2038
>
>
> On 12/11/2014 3:50 PM, Marc Muehlfeld wrote:
>
> Hello Carl,
>
> Am 11.12.2014 um 22:18 schrieb Carl Carpenter:
>
> Trying to get Samba configured correctly.  Am using Active Directory for
> authentication and that seems to be working correctly.  When creating a
> Share, Security and Access Control list the AD users and groups.  If I take
> my name out of the AD group, can't access the share.  Put my name in the
> group and I can access it.  However, when I write a file to the folder,
> while it shows my username, it shows domain users as the group instead of
> the group name.  I had this working on Centos 6.6 and am using the same
> instructions this time.  I'm sure I'm missing a setting somewhere but don't
> know what.  Haven't been able to find anything on the web that addresses
> it.  Any assistance will be appreciated.
>
> Can you please show us your smb.conf [global] and the share config? And
> also please the ACLs on this folder.
>
>
> Regards,
> Marc
>
>

Hi, Are you using sssd as well ? otherwise there doesn't seem to be 
anything to get the user & group ID numbers.

Also, to get the ACL's run this command:

getfacl /home/Intranet

Rowland

More information about the samba mailing list