[Samba] windows acl not saving, no error, nothing in log file

Rowland Penny rowlandpenny at googlemail.com
Fri Jun 19 08:23:36 MDT 2015 

On 19/06/15 15:14, Bob of Donelson Trophy wrote:
>   
>
> Regarding the insertion of "user_xattr,acl,barrier=1" in to /etc/fstab
> file.
>
> The Sambawiki page 'https://wiki.samba.org/index.php/OS_Requirements'
> has instructions there for ext4 to include this.
>
> I seen it commented here, in the mailing list, many time that this is
> now default for ext4.
>
> Maybe the wiki page should be changed?
>
> (Just a suggestion, you guys always give great advice.)
>
> ---
>
> -------------------------
>
> Bob Wooden of Donelson Trophy
>
> 615.885.2846 (main)
> www.donelsontrophy.com [3]
>
> "Everyone deserves an award!!"
>
> On 2015-06-19 08:27, Rowland Penny wrote:
>
>> On 19/06/15 13:50, Thomas Bauserman wrote:
>>
>>> I'm running samba 4.1.6 as a PDC on ubuntu 14.04.
>> OK, are you actually running samba as an NT4-style PDC, or are running samba as an AD DC ? they are very different.
>>
>>> I'm following these guides to setup print shares https://wiki.samba.org/index.php/Samba_as_a_print_server [1] https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs [2] When I go to my windows workstation to change the ACL's on the print$ share I can get into the security tab and I can change the security options but when I click apply or ok they don't save. There is no error. I did tailf on /var/log/samba/log.samba while doing this and nothing shows up in the log file.
>> Have you followed the wiki pages fully ?
>>
>>> Here is my fstab entry /dev/mapper/homer--vg-root / ext4 defaults,user_xattr,acl,barrier=1,errors=remount-ro 0 1
>> You do not need 'user_xattr,acl', they are included by 'defaults' on ext4.
>>
>>> the only thing I noticed and I wasn't sure if it was an issue or not. When I run "lsof | grep /srv/samba/Printer_drivers" it gives me this lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019 lsof: no pwd entry for UID 3000019
>> Try giving 'Domain Admins' a gidNumber attribute.
>>
>>> I was a little confused by the guide because in one section the group is listed as Domain Admins and in another it's domain_admins so I added SeDiskOperatorPrivilege to both. It wouldn't let me set the group on the folder to Domain Admins it said it was an invalid group so I set it to domain_admins.
>> 'Domain Admins' and domain_admins are usually interchangeable, except on a samba4 AD DC, anywhere else you can set 'winbind normalize names = Yes' in smb.conf and then use the lowercase names. On a DC, you need to escape the space, either by quotes around the entire name i.e. "Domain Admins" or 'Domain Admins', or by using a backslash: Domain Admins. If you don't use anything, it tries to use just 'Domain'.
>>
>> Rowland
>>
>>> Other than the Windows ACL's on the shares. Everything else is working great. I've got all my users setup and I'm applying GPO's successfully. I've been hitting my head against the wall for a couple of days now. Any help would be appreciated. Let me know if you need anything else from me. Thanks, Tom Bauserman Technical Support Specialist Teutopolis Unit #50 School District
>   
>
> Links:
> ------
> [1] https://wiki.samba.org/index.php/Samba_as_a_print_server
> [2]
> https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs
> [3] http://www.donelsontrophy.com

Your wish is my command, or to put it another way, I have changed it.

Rowland

More information about the samba mailing list