[Samba] setting ACLs via powershell
alaxa at libero.it
alaxa at libero.it
Mon May 18 14:15:32 UTC 2020
Dear list,
I am struggling with a problem about interaction between a samba share and ACLs set through powershell (Set-Acl). The share was configured following guidelines at the Samba's wiki (https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs) and I took care about the "rpc rights grant" section. I am able to set permission from within Windows Explorer and using icacls.exe but I cannot using the Powershell's Set-Acl, it stuck with this message:
set-acl : Some or all identity references could not be translated.
Then I run some check and dug the samba's debug log and hit the errors:
[2020/05/18 14:42:29.430946, 10, pid=31893, effective(0, 0), real(0, 0)] ../../source3/smbd/open.c:5137(create_file_unixpath)
create_file_unixpath: open on tesRootFolder/testAlaxa failed - SEC_FLAG_SYSTEM_SECURITY denied.
[2020/05/18 14:42:29.430954, 10, pid=31893, effective(0, 0), real(0, 0)] ../../source3/smbd/open.c:5445(create_file_unixpath)
create_file_unixpath: NT_STATUS_PRIVILEGE_NOT_HELD
[2020/05/18 14:42:29.430961, 10, pid=31893, effective(0, 0), real(0, 0)] ../../source3/smbd/open.c:5722(create_file_default)
create_file: NT_STATUS_PRIVILEGE_NOT_HELD
So I tried to grant other privileges but nothing changes.
I know I could go ahead with icacls.exe command, and I am doing that, but now it is just a matter of curiosity.
Thanks,
alaxa
More information about the samba
mailing list