[Samba] confirm deletion - possible?

Rowland penny rpenny at samba.org
Tue Jan 26 17:01:01 UTC 2021

On 26/01/2021 16:43, Stefan G. Weichinger via samba wrote:
> Am 26.01.21 um 13:16 schrieb Rowland penny via samba:
>> On 26/01/2021 12:03, Stefan G. Weichinger via samba wrote:
>>> I get feedback that the "power user" (userC in example below) isn't 
>>> able to access all the deleted files of the other users.
>>> And something about 0 bytes files in there ....
>> We had this recently, it is the way that Windows rename etc works, it 
>> creates a NULL file then deletes it as part of the process.
> I haven't yet checked his mail in detail, but it sounds *wrong* to me?
> Does Windows fail here?
>>> userC is member of UNIX group "users"
>> If Windows is involved, then forget 'users' use 'Domain Users' (which 
>> 'users' is a member of) instead.
> But it isn't a Domain Member or DC ... that's why I assumed ...
> And I also forced group users (for years now ... I think that server 
> started in the days of samba-3.x).

Sorry, this thread has been going on so long, I forgot that 😅

>>> I assume I could/should get rid of stuff like "create mask" ? That 
>>> is historical stuff from years ago, never touched because "works".

This is one of the failings of a standalone server in a Windows domain, 
the users on the standalone server are not domain users, even if they 
have the same names. There is no way I personally would use a standalone 
server (which is akin to using a Windows Home edition) in a domain.

>> If Windows is involved, I would remove a lot of lines from the share 
>> and then set the permissions from Windows.
> I see and agree.
> So it seems like: switch over to Windows ACLs first, then apply new 
> permissions, test vfs_recycle after that.

I would add 'join the domain' in amongst all that 😁


> Right?
> thanks @Rowland

More information about the samba mailing list