Hai, (oeps, typed this in the morning )> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > marco pirola via samba > Verzonden: woensdag 13 februari 2019 11:27 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] error on the modificed permission > > Yes , i optaing SeDiskOperatorPrivilege: > ROBINOOD\Domain Admins > BUILTIN\Administrators > > Il 13/02/2019 11:11, Rowland Penny via samba ha scritto: > > On Wed, 13 Feb 2019 10:55:46 +0100 > > marco pirola via samba <samba at lists.samba.org> wrote: > > > >> Thanks rowald: naw optaing getent group Domain\ Admins > >> domain admins:x:10512:administrator > >> > >> but if I usa administrator to join in the domain i optaing > >> I get that the user does not have the rights to set the permissions > >> to the share > >> > >> wat a war: it dont's want to know :'( > >> > > Does: > > > > net rpc rights list privileges SeDiskOperatorPrivilege -U > "ROBINOOD\administrator" > > > > Show 'Domain Admins' having the 'SeDiskOperatorPrivilege' ? > > > > Does ls -lad /home/samba/samba/ > > > > Show something like this: > > > > drwxrwx--- 2 root domain_admins 4096 Feb 12 10:47 /home/samba/samba/The folder below the shared folder needs correct rights also. Try to set this. If this is the samba home : /home/samba And you sharing /home/samba/samba/ as \\server\samba Then set 3775 : on /home/samba chown root:Domain\ Admins /home/samba chmod 3775 /home/samba chown root:Domain\ Admins /home/samba/samba chmod 3775 /home/samba/samba Now try again. If its not working, try again but set 3777 on all, create a folder, check the acl's. I normaly start like this. Bit explained, this is "LOCAL" access on the linux server install -d /home/samba -o root -g "administrators" -m 3775 Im using "BUILTIN\Administrators" because thats "normaly" a LOCAL group. And "Domain Admins" is member of "BUILTIN\Administrators" This is the "REMOTE" acces on the linux server. install -d /home/samba/samba -o root -g "Domain Admins" -m 3775 As of this point the Domain Admins administer the rights on the shares. Greetz, Louis
Witch getfacil the risulted null. Il 13/02/2019 16:35, L.P.H. van Belle via samba ha scritto:> Hai, (oeps, typed this in the morning ) > > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> marco pirola via samba >> Verzonden: woensdag 13 februari 2019 11:27 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] error on the modificed permission >> >> Yes , i optaing SeDiskOperatorPrivilege: >> ROBINOOD\Domain Admins >> BUILTIN\Administrators >> >> Il 13/02/2019 11:11, Rowland Penny via samba ha scritto: >>> On Wed, 13 Feb 2019 10:55:46 +0100 >>> marco pirola via samba <samba at lists.samba.org> wrote: >>> >>>> Thanks rowald: naw optaing getent group Domain\ Admins >>>> domain admins:x:10512:administrator >>>> >>>> but if I usa administrator to join in the domain i optaing >>>> I get that the user does not have the rights to set the permissions >>>> to the share >>>> >>>> wat a war: it dont's want to know :'( >>>> >>> Does: >>> >>> net rpc rights list privileges SeDiskOperatorPrivilege -U >> "ROBINOOD\administrator" >>> Show 'Domain Admins' having the 'SeDiskOperatorPrivilege' ? >>> >>> Does ls -lad /home/samba/samba/ >>> >>> Show something like this: >>> >>> drwxrwx--- 2 root domain_admins 4096 Feb 12 10:47 /home/samba/samba/ > The folder below the shared folder needs correct rights also. > > Try to set this. > If this is the samba home : /home/samba > And you sharing /home/samba/samba/ as \\server\samba > > Then set 3775 : on /home/samba > > chown root:Domain\ Admins /home/samba > chmod 3775 /home/samba > > chown root:Domain\ Admins /home/samba/samba > chmod 3775 /home/samba/samba > > Now try again. > If its not working, try again but set 3777 on all, create a folder, check the acl's. > > I normaly start like this. > > Bit explained, this is "LOCAL" access on the linux server > install -d /home/samba -o root -g "administrators" -m 3775 > > Im using "BUILTIN\Administrators" because thats "normaly" a LOCAL group. > And "Domain Admins" is member of "BUILTIN\Administrators" > > This is the "REMOTE" acces on the linux server. > install -d /home/samba/samba -o root -g "Domain Admins" -m 3775 > > As of this point the Domain Admins administer the rights on the shares. > > > > Greetz, > > Louis > >
On Wed, 13 Feb 2019 17:36:23 +0100 marco pirola via samba <samba at lists.samba.org> wrote:> Witch getfacil the risulted null. >And in English: getfacl produced no output. Do you have the '+' sign at the end of the Unix permissions ? Rowland