[Samba] Can't write to a samba share mounted as an AD user
pisymbol
pisymbol at gmail.com
Thu Aug 2 14:43:26 UTC 2018
Full disclosure: This is an exported share on a QNAP NAS device.
[admin at outerdrive ~]# /mnt/ext/opt/samba/bin/smbstatus
Samba version 4.4.16
PID Username Group Machine
Protocol Version Encryption Signing
----------------------------------------------------------------------------------------------------------------------------------------
14549 -1 -1 (192.168.192.124)
SMB2_10 - -
Service pid Username Adderess Machine Connected at
Encryption Signing
QNAP need start--------------------------------------
IPC$ 14549 -1 192.168.192.124 Thu Aug 2 10:25:37 AM 2018
EDT - -
Public 14549 -1 192.168.192.124 Thu Aug 2 10:25:37 AM 2018
EDT - -
QNAP need end--------------------------------------
No locked files
This is from the administrator's shell account on the QNAP device. The
share in question is 'Public'.
When I mount the share using my AD creds the mount succeeds. I can touch(1)
files and read them but for whatever reason I can't write to the share. The
ACL of the share in question looks like this:
netname: Public
remark: System default share
path: C:\share\CACHEDEV1_DATA\Public
password:
type: 0x0
perms: 0
max_uses: -1
num_uses: 1
revision: 0
type: 0x8004: SEC_DESC_DACL_PRESENT SEC_DESC_SELF_RELATIVE
DACL
ACL Num ACEs: 1 revision: 2
---
ACE
type: ACCESS ALLOWED (0) flags: 0x00
Specific bits: 0x1ff
Permissions: 0x1f01ff: SYNCHRONIZE_ACCESS WRITE_OWNER_ACCESS
WRITE_DAC_ACCESS READ_CONTROL_ACCESS DELETE_ACCESS
SID: S-1-1-0
So S-1-1-0 is "everyone."
Is it because the uid/gid is "-1" in the above output causing my grief?
Thanks!
-aps
More information about the samba
mailing list