[Samba] Permission issue writing to demo share

[Rowland Penny]

On 27/06/14 18:17, Lars Hanke wrote:
> Am 27.06.2014 19:03, schrieb Rowland Penny:
>> On 27/06/14 18:00, Lars Hanke wrote:
>>>>> [Demo]
>>>>>         path = /srv/files/shares/Demo
>>>>>         read only = no
>>> I think to remember that it is not required for file share users to
>>> have login permission to the file server. Am I wrong?
>> Do you have any unix users, if not, then no, but you still need 'acl'
>
> I have much more unix users than Win users and I'm currently trying to 
> figure out how to set up the new infrastructure. Dropping NFS is at 
> least an option - has pros and cons as all other options as well.
>
> About the ACL stuff:
>
> getfacl /srv/files/shares/Demo/
> getfacl: Removing leading '/' from absolute path names
> # file: srv/files/shares/Demo/
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x
>
> But from a POSIX perspective AD\Administrator = 3000000 should have 
> been denied writing as well according to those ACL.
>
> root at samba:/# ls -la /srv/files/shares/Demo
> total 8
> drwxr-xr-x  2 root    root  35 Jun 27 14:24 .
> drwxr-xr-x  3 root    root  17 Jun 13 13:19 ..
> -rwxrwxr-x+ 1 3000000 users 32 Jun 27 14:24 Erstellt von Admin.txt
>
> So, if this is an ACL or NSS issue, this at least doesn't explain itself.
>
> Regards,
>  - lars.
>
OK, this is the top of nsswitch.conf on my AD DC:

passwd:         compat winbind
group:          compat winbind

And when I run ' getent passwd Administrator'

DOMAIN\Administrator:*:0:10000::/home/Administrator:/bin/bash

Hmm userid '0' I wonder who he is???

Rowland