[Samba] Allow user without uidNumber to access to a Samba member file server

Arnaud Cruzel a.cruzel at ifporient.org
Wed Mar 15 15:40:22 UTC 2017

Le mercredi 15 mars 2017 à 15:16 +0100, L.P.H. van Belle via samba a
écrit :
> > But if he try to access to the file server (from a Windows 10
> > client), 
> > he get an "Access refused".
> How did he access the share. 
> \\servername\share  or  \\servername.dnsdom.tld\share 
> (or by \\ip ) 
by \\servername\share

> Can he access \\servername  without the share.
no it can't
> And the Win10 eventid + discription of the "Access refused" would be
> nice.
There is no event ID neither descriptions. I don't find any entry on
Windows event viewer.
> The "Share Security" settings are? 
by exemple for the share 'Shares' :
For Administrator / Domain Admins / System / Creator Owner = Full
Control on folder, subfolders and files
For Authenticated Users / Domain Users = Read and Execute on this
folder only

> It should work with rfc2307, i works fine for me
> ADDC 4.5.3 + members 4.5.3/4.6.0 
> All servers in rfc2307 mode.
Yes I don't say it's not working. The problem is for set a GPO to
deploy applications, I have to deploy it by user GPO.
If I want to do that by computer GPO I have to set uidNumber to all
computers. I'm lazy to do that :)
And now with Windows 10 who don't allow to set rfc2307 easily with ADUC
 it become very complicate to set uidNumber manually for each user.

> But i did set extra things, so before i advice something i need the
> above info first. 
> Greetz, 
> Louis

More information about the samba mailing list