[Samba] Samba43 ACL's issues

Mueller mueller at tropenklinik.de
Tue Jun 21 12:22:50 UTC 2016

What about this in your global section
create mask = 770 
         force create mode = 770
         directory mask = 770
         force directory mode = 770


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
 Email: mueller at tropenklinik.de

-----Ursprüngliche Nachricht-----
Von: Juan Garcia [mailto:juan at ish.com.au] 
Gesendet: Dienstag, 21. Juni 2016 13:47
An: samba at lists.samba.org
Betreff: [Samba] Samba43 ACL's issues

Hi there,

I'm having trouble with permissions and ACL's running samba43.

I want to be able to set permissions on a folder to an specific user.

I'm having a similar issue reported here https://lists.samba.org/archive/samba/2010-July/156965.html

However my error message is slightly different:

When I set the permission on an specific user by creating a new folder inside the share, right click -> properties -> security tab I get:

An error ocurred while applying security information to:


The parameter is incorrect

I have tried changing the permissions manually with "chmod a+rwx /test/"

But this does not look like a permissions problem this looks more like samba or some setting in smb4.con itself

this is my smb4.conf file:

  Global parameters
         interfaces =
         bind interfaces only = yes
         workgroup = CW1
         realm = DOMAIN.NAME.COM.AU
         netbios name = SERVER1
         server role = active directory domain controller
         dns forwarder =
         printing = bsd
         server services = s3fs, rpc, wrepl, ldap, cldap, kdc, drepl, 
winbind, ntp_signd, kcc, dnsupdate, dns
         dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, 
netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, 
eventlog6, backupkey, dnsserver
         restrict anonymous = 1
         map acl inherit = no
         store dos attributes = yes
         unix extensions = no
         ea support = no
         idmap_ldb:use rfc2307 = yes
         browseable= yes
         writable = yes
         read only= no
         create mask = 770
         force create mode = 770
         directory mask = 770
         force directory mode = 770
         kerberos method = system keytab
         client ldap sasl wrapping = sign
         allow dns updates = nonsecure and secure

         path = /var/fileshare/test
         valid users = @DOMAIN.NAME.COM.AU\staff
         guest ok = yes
         read only = no

Not sure what am I missing, I appreciate your help.


Juan Garcia

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list