[Samba] Error while trying to manage file share
Rowland penny
rpenny at samba.org
Wed Nov 27 21:02:34 UTC 2019
On 27/11/2019 20:38, Marian Thieme wrote:
> On 11/27/19 9:29 PM, Rowland penny via samba wrote:
>> On 27/11/2019 20:18, Marian Thieme wrote:
>>> First of all I would like to thank you for your help !
>>>
>>> Secondly, I think I got you wrong: My local users are just system
>>> users. So I don't have to worry about /etc/passwd. No collision to
>>> expect And that's why I think I am safe with the range. Actually you
>>> are right, I should allow for local users that might be created in
>>> future maybe for administration and "reserve" uids in range like
>>> 1000-1050. At this point this will be no problem at all.
>>>
>>> Regarding the doc: I was referring to the Info Box just below
>>> Section: "Granting the SeDiskOperatorPrivilege Privilege" on
>>> website:
>>> https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
>>> And I followed the docs you mentioned for setting up the domain member.
>>> However the initial problem is solved, somehow, because I am able to
>>> use MMC to initially assign User "everyone". If I understood
>>> correctly, having assigned user everyone as security group to the
>>> share, I am then able to maintain perms and ownerships just via
>>> folder properties after connecting the network share with some admin
>>> user account to some windows box.
>>> I am wondering if I have to take care about the errors I mentioned
>>> while connecting to the samba file server using MMC. Or is it save
>>> to ignore it ?
>>>
>>> Marian
>>>
>>>
>> It is fairly common to get errors using ADUC similar to yours,
>> normally it is possible to click through them and then everything
>> works, if this is your case, just ignore them.
>>
>> Can I also introduce you to the wonderful world of 'samba-tool', this
>> can do a lot of what ADUC does, but on the Unix command line, just
>> open a terminal on the Samba AD DC and type 'samba-tool --help' for
>> more info.
>>
>> Rowland
>>
> Of course, yes please ! Actually I would prefer doing it based on
> linux console alone.
>
> Since the topic w.r.t. share configuration is somewhat new to me I
> following the, lets say, documented way. Also I looked around in the
> web and I found this post:
> https://serverfault.com/questions/875298/change-windows-acls-of-smb-samba-shares-directly-in-linux
> My impression in the end has been: seems to be even more difficult. An
> how-to for the basic setup would be great. Or do we have any ?
>
> Marian
>
Yes, you could do it that way, actually running the command is easy, it
is creating the sddl that is the hard part ;-)
Easiest way at the moment is to set the permissions from Windows.
Rowland
More information about the samba
mailing list