[Samba] missing group affiliation on ad dc
Rowland Penny
rpenny at samba.org
Mon Oct 8 16:46:09 UTC 2018
On Mon, 8 Oct 2018 18:31:40 +0200
basti mueller via samba <samba at lists.samba.org> wrote:
> Hi Rowland,
>
> >> Hi,
> >>
> >> I've a strange problem. I migrated my NT4 PDC to a ad on my debian
> >> stretch (samba version is 4.5.12).
> >>
> >> The Domain Controller has some shares for my users.
> >>
> >> One user just told me he can't access the share...before the
> >> migration he was able to access the share btw! So I checked the
> >> ACL's of this share.
> >>
> >> Its:
> >> root at server:~# getfacl /media/exampleshare
> >> # file: media/exampleshare
> >> # owner: EXAMPLE\134fileadmin
> >> # group: EXAMPLE\134mitarbeiter
> >> user::rwx
> >> group::---
> >> group:BUILTIN\134administrators:rwx
> >> group:EXAMPLE\134sharegroup:rwx
> >> mask::rwx
> >> other::---
> >> default:user::rwx
> >> default:group::---
> >> default:group:EXAMPLE\134sharegroup:rwx
> >> default:mask::rwx
> >> default:other::---
> >>
> >>
> It seems like not because the user can't access the nfs3-share
> because of permission. Anything else I could check?
I take it the 'getfacl' output is for the nfs3-share, so if your user
is a member of the 'sharegroup', the user should be able to access the
share, unless something else is blocking it (trying to connect from a
non joined computer, firewall etc)
How are they trying to access the share ?
Rowland
More information about the samba
mailing list