[Samba] W7 client cannot adjust file permissions via ADUC
rowlandpenny at googlemail.com
Thu Jan 29 06:23:42 MST 2015
On 29/01/15 12:54, Bob of Donelson Trophy wrote:
> I have tried your various alteration suggestions and it is a "negative"
> Here is the output from wbinfo -u & wbinfo -g
> root at dtmbr01:~# wbinfo -u
> root at dtmbr01:~# wbinfo -g
> allowed rodc password replication group
> enterprise read-only domain controllers
> denied rodc password replication group
> read-only domain controllers
> group policy creator owners
> ras and ias servers
> domain controllers
> enterprise admins
> domain computers
> cert publishers
> domain admins
> domain guests
> schema admins
> domain users
> root at dtmbr01:~# getent passwd Administrator
> Say what, "administratorSERNAME%"?
> After running the 'generation one' script to create the member server, I
> have changed nothing except the suggestions that have been made on this
> mailing list. Attempting to gain access to the member server to
> re-adjust the file permissions on "profiles" per the instructions on the
> samba wiki.
> Please, thoughts?
> Bob Wooden of Donelson Trophy
> 615.885.2846 (main)
> www.donelsontrophy.com 
> "Everyone deserves an award!!"
> On 2015-01-28 13:09, Rowland Penny wrote:
>> On 28/01/15 18:55, Bob of Donelson Trophy wrote:
>>> No, I did not try the alterations but, Louis had me remove the "domain users" line earlier. Put the line back in and try alterations? (If so, I will not have time until you are asleep, tonight.)
>> By all means try it, you have nothing to lose :-)
>> I take it that 'wbinfo -u' shows all the domain users on the member server and 'wbinfo -g' shows all the domain groups. Also 'getent passwd <domain user> shows the user.
>  http://www.donelsontrophy.com
Louis's script puts this line in smb.conf:
template homedir = /home/samba/DT***RM/users/%USERNAME%
Perhaps it should be changed to this:
template homedir = /home/samba/DT***RM/users/%U
I say this because your Administrators homedir seems to be the above
line plus what I am suggesting should be removed.
But what is worrying me more, Administrator has the uid of '50001', have
you set this in AD ?
More information about the samba