[Samba] What happens to files if an employee quits - user removed from AD

Rowland penny rpenny at samba.org
Thu Feb 25 10:26:06 UTC 2021

On 25/02/2021 09:58, Nicola Mingotti via samba wrote:
> Hi again,
> sorry for opening many topics, it is just Samba time for
> me these days and I have a lot of new questions.
> When I moved all our company NAS from WindowsServer to Linux/Samba
> all files where owned by 'root' and had group 'adm'.
> All access were regulated only trough ACL.
> Now I see users are creating a lot of new
> directory and files, of course. Which have as owner
> the AD users.
> My question is, suppose user 'foo' leaves the company
> tomorrow. He made quite a few directories and files.
> In theory I should remove the user from AD so suppose
> I do it, I remove user 'foo' from AD. What
> will happen to 'foo' owned files ? Who will become the owner?
> Will disk remain in a consistent state ?
> I am also considering changing the owner of all files
> to 'root' every night. Because the actual owner of all files
> isn't any user, is the company. I don't do 'force user = root' in 
> smb.conf
> because I like to see who is doing what in the log files.

I wouldn't delete the user, I would disable it, this way you can easily 
see which files/directories had been created by that user and take 
appropriate action, delete some and change ownership of others. I 
wouldn't force any user to be the owner of any files or directories, 
this really isn't the way to do it.

I would also suggest you do some reading about how Windows deals with 
file and folder ownership.


More information about the samba mailing list