[Samba] Problems with administrator account
buhorojo
buhorojo.lcb at gmail.com
Sat Aug 8 18:50:36 UTC 2015
On 07/08/15 17:45, dashi fico wrote:
> Yes, LAN is the workgroup name.
>
> I made a test, i removed all the ACL with setfacl -b mysharename
>
> [root at fileserv]# getfacl share/
> # file: share/
> # owner: root
> # group: root
> user::rwx
> group::rwx
> other::---
>
> Going to Windows side and Added "Domain Admins" in permission tab to
> read/modify/total
>
>
> Security Tab is denied even for my others account in domain Admins group
>
> looking again with getfacl, the acl didnt get modified....
>
> So i add them manually :
>
> [root at fileserv]# setfacl -R -m g:Domain\ Admins:rwx share
> [root at fileserv]# getfacl share
> # file: share
> # owner: root
> # group: root
> user::rwx
> group::rwx
> group:domain\040admins:rwx
> mask::rwx
> other::---
>
> And now i gain access to the security tab with my Account, i can browse the
> share too.
>
> But if i go back with the Administrator Account to the ADUC, security is
> denied and he can't access the share "Access denied"
Hi
The mapping alone doesn't work. Add a uidNumber and gidNumber to
Administrator.
HTH
More information about the samba
mailing list