[Samba] Not using AD group when writing file

Carl Carpenter ccarpenter at hillcountry.org
Tue Dec 16 13:57:38 MST 2014 

On 16/12/14 17:35, Carl Carpenter wrote:

Forgot to mention that the permissions are also incorrect.  They are
supposed to be 775 but come out as 744.

Carl Carpenter
Director, Information Services
Hill Country MHDD Centers
(830)258-5414 or ext. 2038


On 12/11/2014 4:13 PM, Carl Carpenter wrote:

Per your request

   [global]
         workgroup = HCCMHMRC
         realm = HILLCOUNTRY.LOCAL
         server string = Samba Server Version %v
         security = ADS
         log file = /var/log/samba/log.%m
         max log size = 50
         wins server = 192.168.0.7
         default service = global
         template homedir = /home/HCCMHMRC
         template shell = /bin/bash
         winbind enum users = Yes
         winbind enum groups = Yes
         winbind use default domain = Yes
         idmap config * : range = 16777216-33554431
         idmap config * : backend = tdb
         cups options = raw

[Intranet]
         path = /home/Intranet
         valid users = @intranet
         read only = No

Not sure what you mean by ACL on the folder but here's this:

drwxrwxr-x   6 apache intranet 4096 Dec 10 14:34 Intranet

Carl Carpenter
Director, Information Services
Hill Country MHDD Centers
(830)258-5414 or ext. 2038


On 12/11/2014 3:50 PM, Marc Muehlfeld wrote:

Hello Carl,

Am 11.12.2014 um 22:18 schrieb Carl Carpenter:

Trying to get Samba configured correctly.  Am using Active Directory for
authentication and that seems to be working correctly.  When creating a
Share, Security and Access Control list the AD users and groups.  If I take
my name out of the AD group, can't access the share.  Put my name in the
group and I can access it.  However, when I write a file to the folder,
while it shows my username, it shows domain users as the group instead of
the group name.  I had this working on Centos 6.6 and am using the same
instructions this time.  I'm sure I'm missing a setting somewhere but don't
know what.  Haven't been able to find anything on the web that addresses
it.  Any assistance will be appreciated.

Can you please show us your smb.conf [global] and the share config? And
also please the ACLs on this folder.


Regards,
Marc



Hi, Are you using sssd as well ? otherwise there doesn't seem to be
anything to get the user & group ID numbers.

Also, to get the ACL's run this command:

getfacl /home/Intranet

Rowland

=================================================
No, I'm not using sssd.  I used authconfig to set up the initial
authentication configuration.  Followed exactly the same steps I used for
Centos 6/Samba 3.x and it worked perfectly.

getfacl /home/Intranet
getfacl: Removing leading '/' from absolute path names
# file: home/Intranet
# owner: apache
# group: intranet
user::rwx
group::rwx
other::r-x



-- 

Carl Carpenter
Director, Information Services
Hill Country MHDD Centers
(830)258-5414 or ext. 2038

More information about the samba mailing list