[Samba] Windows Admin user can't change Permission.
Tim
lists at kiuni.de
Wed Feb 18 13:01:13 MST 2015
Hi Jason,
what are the permissions of the folder above - in your case /srv/samba.
In the past I needed to chmod from 750 to 755 on that folder for the underlying share paths.
Regards
Tim
Am 18. Februar 2015 13:29:07 MEZ, schrieb Jason Long <hack3rcon at yahoo.com>:
>Hello.
>I changed my "smb.conf" as below :
>
>[Demo]
>path = /srv/samba/demo/
>read only = no
>force user = %U
>force group = "JASONDOMAIN.JJ+domain users"
>force create mode = 0666
>force directory mode = 2777
>force directory security mode = 0777
>valid users = @"JASONDOMAIN.JJ+domain users"
>
>
>Then I use below command to change owner :
>
># chgrp -R "domain users" demo/
># chmod -R g+rw demo/
>
># ls -l
>total 0
>drwxrwxr-x. 2 root domain_users 6 Feb 18 05:38 demo
>
>But When I want to open the "demo" directory it ask me my username and
>password and when I enter my username and password it ask me again :(
>I also have same problem with change permission too.
>
>How can I solve it? It is emergency.
>
>Thank you.
>
>
>
>On Tuesday, February 17, 2015 5:49 AM, Jason Long <hack3rcon at yahoo.com>
>wrote:
>Hello.
>According to the
>"https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs",
>I run my Samba share but can't add permission to directory via admin
>user or other users that are administrator.
>My samba config is :
>
>[global]
>workgroup = JASONDOMAIN
>security = ADS
>realm = JASONDOMAINI.JJ
>netbios name = printmah
>
>dedicated keytab file = /etc/krb5.keytab
>kerberos method = secrets and keytab
>server string = Samba 4 Client %h
>##
>vfs objects = acl_xattr
>map acl inherit = Yes
>store dos attributes = Yes
>##
>username map = /etc/samba/user.map
>
>##
>
>winbind enum users = no
>winbind enum groups = no
>winbind use default domain = yes
>winbind expand groups = 4
>winbind nss info = rfc2307
>winbind refresh tickets = Yes
>winbind offline logon = yes
>winbind normalize names = Yes
>
>## map id's outside of domain to tdb files.
>idmap config *:backend = tdb
>idmap config *:range = 2000-9999
>## map ids from the domain the ranges may not overlap !
>idmap config JASONDOMAIN : backend = rid
>idmap config JASONDOMAIN : range = 10000-999999
>
>wins server = 172.30.9.1, 172.20.1.2, 172.20.1.48
>
>domain master = no
>local master = no
>preferred master = no
>os level = 20
>map to guest = bad user
>host msdfs = no
># user Administrator workaround, without it you are unable to set
>privileges
>username map = /etc/samba/user.map
>
># For ACL support on member server
>vfs objects = acl_xattr
>map acl inherit = Yes
>store dos attributes = Yes
>
># Share Setting Globally
>unix extensions = no
>reset on zero vc = yes
>veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
>hide unreadable = yes
>template shell = /bin/sh
>template homedir = /home/%U
>#
>name resolve order = lmhosts wins bcast host
>
>[test]
>path = /home/jason/Desktop/photo
>read only = no
>browseable = yes
>
>
>
>I had a problem with SElinux that solved by enter below commands :
>
>
>setenforce 0
>
>chcon -t samba_share_t -R /path/to/share
>setenforce 1
>
>
>The problem solved but I can't change or add permission to directory
>via Windows as "Setup share permissions" section.I use "jason" account
>that is exist in administrator group but Jason can't too.
>
>How can I solve it?
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list