[Samba] Unable to write to a share that I should have access to

McIntyre, Vincent (S&A, Marsfield) Vincent.Mcintyre at csiro.au
Sat Mar 5 00:56:48 UTC 2022

On Fri, Mar 04, 2022 at 06:21:56PM -0500, Rob Campbell via samba wrote:
>Ok.  What about this one, it's ext4 along with all the others.
>testparm -s:
>comment = Photo Storage
>create mask = 0777
>directory mask = 0777
>force create mode = 0777
>force directory mode = 0777
>inherit acls = Yes
>path = /multimedia/Photos
>read only = No
>valid users = @HOME\Photos_Users @HOME\Multimedia_Users
>comment = Photo Storage
>path = /multimedia/Photos
>writeable = yes
>guest ok = no
>browseable = yes
>create mask = 0777
>force create mode = 777
>force directory mode = 777
>inherit acls = Yes
>read only = no
>directory mask = 0777
>valid users = @HOME\Photos_Users, at HOME\Multimedia_Users
>The user is a member of both Photo_Users and Multimedia_Users.  Just for
>now, I just want to be able to write.  In the future, I'd want Photo_Users
>to be able to write but Multimedia_Users only be able to read.

I have a similar situation (version 4.13). Suggestion below.
I have local and domain users in sync and use local groups
for this, so maybe this won't work for you. In particular
I've never messed with 'inherit acls', have not needed it.

comment = Photo Storage
path = /multimedia/Photos
read only = No
guest ok = no
valid users = @HOME\Photos_Users @HOME\Multimedia_Users
read list = @HOME\Multimedia_Users
write list = @HOME\Photos_Users
create mask = 0664
directory mask = 0775
force create mode = 2775
force directory mode = 2775
force group @HOME\Photos_Users
inherit acls = Yes

My crib notes on this (corrections appreciated!)

#   'read only'   'yes|no'. default: 'yes'
#   'write list'  <user or group>. OVERRIDES 'read only' setting.
#   'read list'   <user or group>. OVERRIDES 'write list' setting for named users.
#                                  OVERRIDES 'read only = no' for named users.
#   'create mask'          <octal> Bitmask ANDed with process umask for the file.
#   'directory mask'       <octal> Bitmask ANDed with process umask for the dir.
#   'force create mode'    <octal> Bitmask ORed with process umask,
#                                  after the create mask has been applied.
#   'force directory mode' <octal> Bitmask ORed with process umask, after the
#                                  after the directory mask has been applied.
# These are synonyms, avoid them -
#   'write ok'       inverted synonym for 'read only'
#   'writeable'      inverted synonym for 'read only'
#   'create mode'    synonym for 'create mask'
#   'directory mode' synonym for 'directory mask'
# Deprecated, avoid -
#   'user'        synonym for 'username'
#   'users'       synonym for 'username'
#   'username'

More information about the samba mailing list