[Samba] Access denied to change share security staff

Rommel Rodriguez Toirac rommelrt at nauta.cu
Sat Apr 15 16:35:06 UTC 2017

El 14 de abril de 2017 3:21:36 GMT-04:00, Rowland Penny <rpenny at samba.org> escribió:
>On Thu, 13 Apr 2017 17:10:16 -0400
>Rommel Rodriguez Toirac via samba <samba at lists.samba.org> wrote:
>> [root at gtmpve nagios]# net rpc rights list accounts
>> ATGTM00\Domain Admins
>> SeDiskOperatorPrivilege
>>  It look like the Domain admins yes have the
>> 'SeDiskOperatorPrivilege' privilege. I change the group of the share
>> with chgrp and try from Windows RSAT. I saw the Doamin admins group
>> with Special permissions set; but can chage anything in Secutiry tab.
>> In Share permissions tab yes.
>>  Now I get this: 
>> [root at gtmpve nagios]# getfacl /test/compartir/
>> getfacl: Eliminando '/' inicial en nombres de ruta absolutos
>> # file: test/compartir/
>> # owner: root
>> # group: ATGTM00\134domain\040admins
>> user::rwx
>> group::r-x
>> other::r-x
>> [root at gtmpve nagios]# ls -lda /test/compartir/
>> drwxr-xr-x. 2 root ATGTM00\domain admins 6 abr 13
>> 08:29 /test/compartir/
>>  The group ATGTM00\134domain\040admins have not permissions to write
>> in this directory. Is that right?
>Yes, that is your problem now, try 'chmod 0770 /test/compartir'
>This will then give 'root' and members of 'Domain Admin' full control
>of the directory, but you should then be able to add other users &
>groups from windows.

Thank Rowland for answer;

This week in my job is free from Friday till Sunday. I write you back on Monday when get access to the server and try 'chmod 0770 /test/compartir'

 Why so short the result of command 'getfacl'; the result in the other file server is largest, for example this part is not present in the result of ther server with problems:


Rommel Rodriguez Toirac
rommelrt at nauta.cu

More information about the samba mailing list