Hey List- Okay, I've got a 2003 AD Server which has all the office users setup, groups, etc... I have a FreeBSD apache development box with a couple of shares on it for devels to use. This devel box also has proftpd authentication external domain users via PAM. The issue I was having is that the FTP users could login, but they couldn't write or create files. The permissions were showing up as: username : BUILTIN\users files are mostly 664 and directories are all 775 I'm guessing this is relating to the "Domain Users" group. So, I changed the group to be 'internalgroup' of which everyone is a member. Now, the FTP users have zero issue, but the internal users now can't create new files in those directories via the fileshares. I have double checked that everyone is in the 'internalgroup'. I even tried setting the 'Primary Group' option in Windows to be 'internalgroup' and having a user reboot and try again. No dice. As soon as I change the group owner back to 'BUILTIN\users' everything works fine again for internal users, but FTP users are hosed again. Any thoughts? Henrik -- Henrik Hudson lists@rhavenn.net ------------------------------ "God, root, what is difference?" Pitr; UF (http://www.userfriendly.org/)
On 9/20/07, Henrik Hudson <lists@rhavenn.net> wrote:> Hey List- > > Okay, I've got a 2003 AD Server which has all the office users setup, groups, > etc... I have a FreeBSD apache development box with a couple of shares on > it for devels to use. This devel box also has proftpd authentication external > domain users via PAM. > > The issue I was having is that the FTP users could login, but they couldn't > write or create files. The permissions were showing up as: > > username : BUILTIN\users > files are mostly 664 and directories are all 775 > > I'm guessing this is relating to the "Domain Users" group. So, I changed the > group to be 'internalgroup' of which everyone is a member. Now, the FTP users > have zero issue, but the internal users now can't create new files in those > directories via the fileshares. > > I have double checked that everyone is in the 'internalgroup'. I even tried > setting the 'Primary Group' option in Windows to be 'internalgroup' and > having a user reboot and try again. No dice. As soon as I change the group > owner back to 'BUILTIN\users' everything works fine again for internal users, > but FTP users are hosed again. > > Any thoughts?It's possible yith Samba to make shares read-only with read-only = yes or writeable = no (which are the same directives but the other way around). Maybe you have done so by accident or your default configuration comes with these? -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet?