[Samba] W7 client cannot adjust file permissions via ADUC
Rowland Penny
rowlandpenny at googlemail.com
Thu Jan 29 06:23:42 MST 2015
On 29/01/15 12:54, Bob of Donelson Trophy wrote:
>
>
> Rowland,
>
> I have tried your various alteration suggestions and it is a "negative"
> result.
>
> Here is the output from wbinfo -u & wbinfo -g
>
> root at dtmbr01:~# wbinfo -u
> administrator
> dns-dtdc02
> dns-dtdc01
> krbtgt
> guest
> root at dtmbr01:~# wbinfo -g
> allowed rodc password replication group
> enterprise read-only domain controllers
> denied rodc password replication group
> read-only domain controllers
> group policy creator owners
> ras and ias servers
> domain controllers
> enterprise admins
> domain computers
> cert publishers
> dnsupdateproxy
> domain admins
> domain guests
> schema admins
> domain users
> dnsadmins
>
> root at dtmbr01:~# getent passwd Administrator
> administrator:*:50001:50006::/home/samba/DT***RM/users/administratorSERNAME%:/bin/bash
>
>
> Say what, "administratorSERNAME%"?
>
> After running the 'generation one' script to create the member server, I
> have changed nothing except the suggestions that have been made on this
> mailing list. Attempting to gain access to the member server to
> re-adjust the file permissions on "profiles" per the instructions on the
> samba wiki.
>
> Please, thoughts?
> ---
>
> -------------------------
>
> Bob Wooden of Donelson Trophy
>
> 615.885.2846 (main)
> www.donelsontrophy.com [1]
>
> "Everyone deserves an award!!"
>
> On 2015-01-28 13:09, Rowland Penny wrote:
>
>> On 28/01/15 18:55, Bob of Donelson Trophy wrote:
>>
>>> No, I did not try the alterations but, Louis had me remove the "domain users" line earlier. Put the line back in and try alterations? (If so, I will not have time until you are asleep, tonight.)
>> By all means try it, you have nothing to lose :-)
>>
>> I take it that 'wbinfo -u' shows all the domain users on the member server and 'wbinfo -g' shows all the domain groups. Also 'getent passwd <domain user> shows the user.
>>
>> Rowland
>
>
> Links:
> ------
> [1] http://www.donelsontrophy.com
Louis's script puts this line in smb.conf:
template homedir = /home/samba/DT***RM/users/%USERNAME%
Perhaps it should be changed to this:
template homedir = /home/samba/DT***RM/users/%U
I say this because your Administrators homedir seems to be the above
line plus what I am suggesting should be removed.
But what is worrying me more, Administrator has the uid of '50001', have
you set this in AD ?
Rowland
More information about the samba
mailing list