[Samba] Permission Issue
L.P.H. van Belle
belle at bazuin.nl
Wed Aug 28 13:56:08 UTC 2019
Hai,
First i must say, i dont use/know gluster.
But I noticed you config (smb.conf) is a bit off.
store dos attributes = Yes << is missing.
And i would say setup netbios name and REALM in CAPS.
And
> smbd:search ask sharemode = no
Should be : smbd search ask sharemod
>> https://www.samba.org/samba/history/samba-4.10.0.html
See smb.conf changes,
What i dont know, but dont you need one or both of these. (vfs_modules)
Because i also notice New glusterfs_fuse VFS module as "new" in the changelog.
See:
man vfs_glusterfs
man vfs_glusterfs_fuse
Someone, who knows gluster, should give more info about this.
I cant.. (sorry), I cant know everything.. :-/
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Benedikt Kaleß via samba
> Verzonden: woensdag 28 augustus 2019 11:22
> Aan: samba at lists.samba.org >> samba
> Onderwerp: [Samba] Permission Issue
>
> Hi again,
>
> regarding my post "plenty of vacuuuming process" a "gluster
> volume heal"
> seems to improve the situation.
>
> But I still have a strange problem:
>
> Sometimes a user don't have permissions to a restricted folder when h
> connects to a share or logs in at a windows client. In some times all
> permissions are granted. If the user creates a file, the user
> and group
> is correctly set.
>
> Im running Samba version 4.9.12-SerNet-Debian-15.stretch on
> all 3 nodes.
>
> I tried to enlarge the id range with no effects.
>
> This is the output off net conf list:
>
> [global]
> winbind refresh tickets = Yes
> winbind use default domain = yes
> template shell = /bin/bash
> idmap config * : range = 1000000 - 1999999
> idmap config DOMAINNAME : backend = rid
> idmap config DOMAINNAME : range = 1000 - 999999
> hide dot files = yes
> server string = Daten server %h (Samba %v)
> vfs objects = acl_xattr
> map acl inherit = yes
> workgroup = DOMAINNAME
> netbios name = cluster-ho
> clustering = yes
> security = ads
> realm = zfd.forumzfd.de
> smbd:search ask sharemode = no
>
> [home]
> path = /data/ho/
> comment = Home Directories
> read only = no
> browseable = yes
>
> [Ablage]
> comment = DATA_Share
> path = /data/ho/data
> read only = no
>
>
> This is is the message in /var/log/samba/log.smbd:
>
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_ACCESS_DENIED] || at
> ../source3/smbd/smb2_getinfo.c:159
>
> Thank you again for ideas or comments.
>
>
> Best regards
>
> Bene
>
> --
> ???forumZFD
> Entschieden für Frieden|Committed to Peace
>
> Benedikt Kaleß
> Leiter Team IT|Head team IT
>
> Forum Ziviler Friedensdienst e.V.|Forum Civil Peace Service
> Am Kölner Brett 8 | 50825 Köln | Germany
>
> Tel 0221 91273233 | Fax 0221 91273299 |
> http://www.forumZFD.de
>
> Vorstand nach § 26 BGB, einzelvertretungsberechtigt|Executive Board:
> Oliver Knabe (Vorsitz|Chair), Sonja Wiekenberg-Mlalandle,
> Alexander Mauz
> VR 17651 Amtsgericht Köln
>
> Spenden|Donations: IBAN DE37 3702 0500 0008 2401 01 BIC BFSWDE33XXX
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list