[Samba] samba 4.1.17

Sun Sep 13 18:02:57 UTC 2015

Thank you very much Rowland.
As you correctly said I've installed AD DC.Here are some configuration details.
krb5.conf

        #default_realm = ${REALM}
        default_realm = INTRASRV.LOCAL
        dns_lookup_realm = false
        dns_lookup_kdc = true

resolv.conf

#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.1.210
nameserver 8.8.8.8
search INTRASRV.local

interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 192.168.1.210
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.210 8.8.8.8
dns-search INTRASRV.local

smb.conf
/usr/local/samba/etc/smb.conf

# Global parameters
[global]
        workgroup = INTRASRV
        realm = INTRASRV.local
        netbios name = ACERSRV
        server role = active directory domain controller
        #dns forwarder = 192.168.1.210
        dns forwarder = 8.8.8.8

[netlogon]
        path = /usr/local/samba/var/locks/sysvol/INTRASRV.local/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No

[home]
    path = /usr/local/samba/var/home/
        read only = No

[Users]
        directory_mode: parameter = 0700
        read only = no
        path = /Users
        csc policy = documents

# Share Folders
[Book]
        path = /usr/local/samba/var/Book
        read only = no

[Prodev]
        path = /usr/local/samba/var/Projectdev
        read only = no

[Counseling]
        path = /usr/local/samba/var/Counseling
    read only = no
        directory mask = 0777
        create mask = 0777

[Documents]
        path = /usr/local/samba/var/Documents
        read only = no
The permissions are set using remote server administration tools for windows 8 - Computer Management. After choosing the share names (in properties) I gave permissions to users under permission tab. Next I used the Tab "Security" to give them full control of the corresponding share folders.
Which path would you advise to be selected for share folders?

Thank you,
Tadewos
      From: Rowland Penny <rowlandpenny241155 at gmail.com>
 To: samba at lists.samba.org 
 Sent: Saturday, September 12, 2015 7:14 PM
 Subject: Re: [Samba] samba 4.1.17

On 11/09/15 23:57, Tadewos Alemneh wrote:

> I've installed samba 4.1.17 as a pdc on Ubuntu 12.04server. I wanted to use the same samba 4 as file server, where users sharecommon Documents. Therefore I’ve created some users and groups and gave them fullpermissions to their corresponding folders. The path for shared folders is /usr/local/samba/var/.In /usr/local/samba/var/ I’ve created the share folders withthe command for eg. “mkdir Documents” (Documents is one of the shared folder names). So far is every thing went good. All Users can login tothe machine (primary domain controller). They can map the shares as networkdrive on windows machines. They also have access to their folders andDocuments. But at times, these same users got “access denied” messages to theirown ms office and pdf files. Further these users are not able to access filesthey downloaded from the internet (say it email attachments or free download fileslike pdf, graphics …) and saved to their folders.  When I login in as an administrator I noticed that the permissionrights given to the user on this folder is lost for some documents (but notfor other files of the same type like .doc, .pdf etc) created by the useritself. If users have to regain access to the access denied documents, I mustlogin (as an administrator) and give them again exclusive rights to these particularfiles in order they can open, edit and save the files. This issue occurs not always but now and then at least ones in a day. Is this aknown issue or did I make a mistake in configuring the shares? How can I fixthis problem? Thank youTadewos

OK, firstly, I don't think you have installed samba as a PDC, I think 
you have installed an AD DC. I also am struggling to help you because 
you do not tell us how you set the permissions on the folders and what 
you set them to. I would also move the shares to somewhere else, you 
really shouldn't put shares there.
Could you please post your smb.conf (you can sanitise this) so we can 
see what, if anything, you have altered.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba