[Samba] samba ad dc problem with windows group share
Jose Renato Castro Milanez
jrcmilanez at unifei.edu.br
Tue Apr 5 19:29:25 UTC 2022
Hello friends, how are you?
I created a share with this documentation (
https://wiki.samba.org/index.php/Windows_User_Home_Folders) and inside the
share,
created folders and give full control for each group I created at the SAMBA
AD DC.
When the user of the group create a file on the respective group share,
he'll the owner of the file but the group don't have full control of the
file too. Only the administration and domain admins have full control
access.
I'd like to know if I did it correctly or if I need to do another strategy
to enable group share for my AD DC users.
Thanks.
My samba config:
# Global parameters
[global]
dns forwarder = x, y
netbios name = AAA
realm = AAA.LOCAL
server role = active directory domain controller
workgroup = AAA
idmap_ldb:use rfc2307 = yes
vfs objects = acl_xattr full_audit
full_audit:prefix = %u|%I|%m|%S
full_audit:success = mkdir rename unkink rmdir pwrite
full_audit:failure = none
full_audit:priority = NOTICE
map acl inherit = yes
store dos attributes = yes
printing = cups
wins support = yes
log level = 1 auth:5 winbind:5
ldap server require strong auth = no
spoolss: architecture = Windows x64
logging = syslog
[print$]
path = /samba/printer_drivers/
read only = no
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[netlogon]
path = /usr/local/samba/var/locks/sysvol/aaa.local/scripts
read only = No
[printers]
path = /var/spool/samba
printable = yes
[groups]
path = /samba/groups
read only = no
--
M.Sc. José Renato Castro Milanez
Analista de Tecnologia da Informação
Centro de Educação - CEDUC
Universidade Federal de Itajubá
Itajubá - Minas Gerais - Brasil
Telefone/Phone (55) (35) 3629-1951
E-mail jrcmilanez at unifei.edu.br
More information about the samba
mailing list