[Samba] Windows ACLs : problems
Rowland penny
rpenny at samba.org
Mon Feb 24 09:34:25 UTC 2020
On 24/02/2020 08:52, Stefan G. Weichinger via samba wrote:
> Status:
>
> domain member server, Samba version 4.10.11-Debian
>
>
> username map = /etc/samba/samba_usermapping
I take it that samba_usermapping contains something like this:
!root = CUSTOMER\Administrator
> The share "QM" gives us issues when we edit ACLs via RSAT on windows DC.
>
> access denied
>
> Folder is owned by
>
> administrator:10513
>
So why does 'administrator' own the share and not root ?
If 'Administrator' is used on a Unix domain member, then 'Administrator'
will only be like any other Unix user and will only be able to do what a
normal user can.
Change the owner to 'root' and never use Administrator on a Unix domain
member.
Rowland
More information about the samba
mailing list