[Samba] W7 client cannot adjust file permissions via ADUC
Rowland Penny
rowlandpenny at googlemail.com
Thu Jan 29 14:53:34 MST 2015
On 29/01/15 21:50, Bob of Donelson Trophy wrote:
>
>
> Rowland,
>
> The email here is a little crazy at the moment. Your reply to my email
> sent this morning (7 or 8 hours ago) just popped up. And this is since
> you I have emailed some more confusion.
>
> This thread is on HOLD UNTIL FURTHER NOTICE.
>
> Let's let the email world settle down. I am currently receiving emails
> from this morning and I am confused. And let get my head around all that
> we have discussed today.
> ---
>
> -------------------------
>
> Bob Wooden of Donelson Trophy
>
> 615.885.2846 (main)
> www.donelsontrophy.com [1]
>
> "Everyone deserves an award!!"
>
> On 2015-01-29 07:23, Rowland Penny wrote:
>
>> On 29/01/15 12:54, Bob of Donelson Trophy wrote:
>> Rowland, I have tried your various alteration suggestions and it is a "negative" result. Here is the output from wbinfo -u & wbinfo -g root at dtmbr01:~# wbinfo -u administrator dns-dtdc02 dns-dtdc01 krbtgt guest root at dtmbr01:~# wbinfo -g allowed rodc password replication group enterprise read-only domain controllers denied rodc password replication group read-only domain controllers group policy creator owners ras and ias servers domain controllers enterprise admins domain computers cert publishers dnsupdateproxy domain admins domain guests schema admins domain users dnsadmins root at dtmbr01:~# getent passwd Administrator administrator:*:50001:50006::/home/samba/DT***RM/users/administratorSERNAME%:/bin/bash Say what, "administratorSERNAME%"? After running the 'generation one' script to create the member server, I have changed nothing except the suggestions that have been made on this mailing list. Attempting to gain access to the member server to re-adjust the file permissions
> on
> "profiles" per the instructions on the samba wiki. Please, thoughts? --- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1] [1 [1]] "Everyone deserves an award!!" On 2015-01-28 13:09, Rowland Penny wrote: On 28/01/15 18:55, Bob of Donelson Trophy wrote: No, I did not try the alterations but, Louis had me remove the "domain users" line earlier. Put the line back in and try alterations? (If so, I will not have time until you are asleep, tonight.) By all means try it, you have nothing to lose :-) I take it that 'wbinfo -u' shows all the domain users on the member server and 'wbinfo -g' shows all the domain groups. Also 'getent passwd <domain user> shows the user. Rowland
> Links: ------ [1] http://www.donelsontrophy.com [1]
>
> Louis's script puts this line in smb.conf:
>
> template homedir = /home/samba/DT***RM/users/%USERNAME%
>
> Perhaps it should be changed to this:
>
> template homedir = /home/samba/DT***RM/users/%U
>
> I say this because your Administrators homedir seems to be the above
> line plus what I am suggesting should be removed.
>
> But what is worrying me more, Administrator has the uid of '50001', have
> you set this in AD ?
>
> Rowland
>
>
> Links:
> ------
> [1] http://www.donelsontrophy.com
OK, just in case you get this:
can you try this:
ldbsearch -H /var/lib/samba/private/sam.ldb
'(&(objectclass=user)(uidnumber=*))' uidNumber
This should display any users that have a uidNumber
Rowland
More information about the samba
mailing list