On Tue, 8 Sep 2020, Rowland penny via samba wrote:> On 08/09/2020 13:27, Harald Hannelius via samba wrote:
>>
>> Hello,
>>
>> I have users in Samba AD with uid- and gidnumbers. I also have group
>> objects with gidNumbers.
>>
>> I have a Samba member server (all servers Samba 4.9.5-Debian) that have
one
>> share and a lot of directories.
>>
>> The directory permissions are set as a specific group as owner, and the
>> group write and suid bit are set.
>>
>> ?drwxrwsr-x 2 root thegroup? 4096 Sep? 8 15:25 groupdir
>>
>> This worked fine in Samba 3. However, now when people are storing files
in
>> the dir the file doesn't get group ownership 'thegroup' nor
does it get
>> write permission bit set.
>>
>> Is there a new and improved way to accomplish this now?
>>
>>
> Can we see the smb.conf? from your Unix domain member before we comment.
[global]
dedicated keytab file = /etc/krb5.keytab
disable spoolss = Yes
kerberos method = secrets and keytab
load printers = No
printcap name = /dev/null
realm = SAD.DOMAIN.COM
security = ADS
username map = /etc/samba/user.map
utmp = Yes
winbind cache time = 20
winbind enum groups = Yes
winbind enum users = Yes
winbind refresh tickets = Yes
winbind use default domain = Yes
workgroup = SAD
idmap config sad:unix_primary_group = yes
idmap config sad:unix_nss_info = yes
idmap config sad:range = 500-4000000
idmap config sad:schema_mode = rfc2307
idmap config sad:backend = ad
idmap config * : range = 5000000-9000000
idmap config * : backend = tdb
map acl inherit = Yes
printing = bsd
vfs objects = acl_xattr
[intra]
create mask = 0665
directory mask = 02775
path = /tftpboot/intra
read only = No
--
Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020