[Samba] How to troubleshoot an ACL error?
Harry Jede
walk2sun at arcor.de
Wed Mar 5 10:08:00 MST 2014
On 18:05:10 wrote Peter Clark:
> I'm running Version 4.2.0pre1-GIT-ca3998d on a Fedora 20 host. The
> output of testparm is:
>
> [global]
> workgroup = SOMETHING
> realm = SOMETHING.SOMETHING.COM
> server role = active directory domain controller
> passdb backend = samba_dsdb
> server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate, smb
> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
> netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
> eventlog6, backupkey, dnsserver, winreg, srvsvc
> rpc_server:tcpip = no
> rpc_daemon:spoolssd = embedded
> rpc_server:spoolss = embedded
> rpc_server:winreg = embedded
> rpc_server:ntsvcs = embedded
> rpc_server:eventlog = embedded
> rpc_server:srvsvc = embedded
> rpc_server:svcctl = embedded
> rpc_server:default = external
> idmap_ldb:use rfc2307 = yes
> idmap config * : backend = tdb
> map archive = No
> map readonly = no
> store dos attributes = Yes
> vfs objects = dfs_samba4, acl_xattr
>
> [netlogon]
> path =
> /usr/local/samba/var/locks/sysvol/something.something.com/scripts
> read only = No
>
> [sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
> [homes]
> path = /home
> read only = No
>
> I can run lists:
>
> smbclient -L localhost -U%
> Domain=[SOMETHING] OS=[Unix] Server=[Samba 4.2.0pre1-GIT-ca3998d]
>
> Sharename Type Comment
> --------- ---- -------
> netlogon Disk
> sysvol Disk
> homes Disk
> IPC$ IPC IPC Service
> localhost is an IPv6 address -- no workgroup available
> [pclark at c3po ~]$
>
> However when I log in as a user and try to go into my homedir:
>
> Domain=[SOMETHING] OS=[Unix] Server=[Samba 4.2.0pre1-GIT-ca3998d]
> smb: \> dir
> . D 0 Sun Mar 2 11:06:09
> 2014 .. D 0 Mon Mar 3
> 03:44:25 2014 pclark D 0 Mon
> Mar 3 13:36:36 2014
>
> 34001 blocks of size 8388608. 13463 blocks available
> smb: \> cd pclark
> cd \pclark\: NT_STATUS_INVALID_ACL
> smb: \>
>
> getfacl shows:
> getfacl pclark
> # file: pclark
> # owner: pclark
> # group: pclark
> user::rwx
> group::rwx
> other::r-x
put the user pclark in an other group
remove the the group pclark
try again
>
> When I try and bring up the folder on a Windows system the security
> tab only has an X with an error message that says the "security
> information is unavailable or cannot be displayed", even when logged
> into the domain as Administrator.
>
> My drives are mounted with user_xattr,acl options in /etc/fstab. I'm
> not sure how to troubleshoot this further, any thoughts on how to
> reset the acl to a baseline that can be later edited (or, what did I
> do wrong here?) would be appreciated.
>
> Thanks,
--
regards
Harry Jede
More information about the samba
mailing list