[Samba] Can't get permission on a share to work problem with groups
Horace
mailinglist at lhplan.tk
Sun Feb 9 07:10:49 MST 2014
On 2014-02-09 07:08, Leander S. wrote:
> Am 09.02.14 12:46, schrieb Horace:
>> On 2014-02-09 06:39, Leander S. wrote:
>>> Am 09.02.14 12:25, schrieb Horace:
>>>> On 2014-02-09 06:11, Horace wrote:
>>>>> On 2014-02-09 05:59, Leander S. wrote:
>>>>>> Am 09.02.14 11:51, schrieb Horace:
>>>>>>> On 2014-02-09 05:31, Leander S. wrote:
>>>>>>>> Am 09.02.14 10:01, schrieb Horace:
>>>>>>>>> I have also tried valid users = ACCOUNTSAD\"Domain Admins" but
>>>>>>>>> I still get 'is none, expected a group'? What is the correct
>>>>>>>>> syntax to providing groups in valid users field??
>>>>>>>> I also wonder ;/
>>>>>>>
>>>>>>> I have already scoured the Internet and only found similar
>>>>>>> questions without any defined solutions. So I wonder myself. :/
>>>>>> That was one of my best research results, yet it didn't help.
>>>>>> Goggle
>>>>>> translate may help wit hlanguage compatibility ;)
>>>>>>
>>>>>> http://forge.univention.org/bugzilla/show_bug.cgi?id=29553
>>>>>
>>>>> Thanks but not to helpful, for whatever reason (that Google has
>>>>> changed lately), I can't translate that page :/
>>>>
>>>> Although, the few English comments that I glance at that I could
>>>> decipher, is to try with sid. Although this does work, what I can't
>>>> I understand is what Group Names do not work ?
>>>>
>>>> [2014/02/09 06:17:22.927279, 3]
>>>> ../libcli/security/dom_sid.c:209(dom_sid_parse_endp)
>>>> string_to_sid: SID @Domain Admins is not in a valid format
>>>
>>>
>>>
>>> Well as funny as it may sound, BUT *drumroll*
>>>
>>> Following combination seems working just fine:
>>>
>>> write list = @Groupname
>>> force user = Username
>>>
>>> So, Samba is ABLE to resolve my groupname - it's just not able with
>>> the attribute *valid users* and *force group*. they seem broke?!
>>
>> I have been working on this for quite awhile now, should a bug report
>> be reported? In any case, this would probably be a good reference in
>> case anyone happens to run into this problem.
> Thanks for offering. I would say so, since there is many people
> affected. This is seriuosly affecting the quality of production
> environments where share permissions are set based on group
> memberships.
>
> Best regards
> Leander S.
No luck with write list = @Groupname, I have to assume it's probably
because write list don't like group names with spaces. Neither of the
below work:
write list = @"ACCOUNTSAD\Domain Admins"
write list = @ACCOUNTSAD\"Domain Admins"
write list = @"Domain Admins"
I am going to try:
write list = @"\\ACCOUNTSAD\Domain Admins"
More information about the samba
mailing list