[Samba] What happens to files if an employee quits - user removed from AD
Rowland penny
rpenny at samba.org
Thu Feb 25 10:26:06 UTC 2021
On 25/02/2021 09:58, Nicola Mingotti via samba wrote:
>
> Hi again,
>
> sorry for opening many topics, it is just Samba time for
> me these days and I have a lot of new questions.
>
> When I moved all our company NAS from WindowsServer to Linux/Samba
> all files where owned by 'root' and had group 'adm'.
> All access were regulated only trough ACL.
>
> Now I see users are creating a lot of new
> directory and files, of course. Which have as owner
> the AD users.
>
> My question is, suppose user 'foo' leaves the company
> tomorrow. He made quite a few directories and files.
> In theory I should remove the user from AD so suppose
> I do it, I remove user 'foo' from AD. What
> will happen to 'foo' owned files ? Who will become the owner?
> Will disk remain in a consistent state ?
>
> I am also considering changing the owner of all files
> to 'root' every night. Because the actual owner of all files
> isn't any user, is the company. I don't do 'force user = root' in
> smb.conf
> because I like to see who is doing what in the log files.
>
I wouldn't delete the user, I would disable it, this way you can easily
see which files/directories had been created by that user and take
appropriate action, delete some and change ownership of others. I
wouldn't force any user to be the owner of any files or directories,
this really isn't the way to do it.
I would also suggest you do some reading about how Windows deals with
file and folder ownership.
Rowland
More information about the samba
mailing list