Michael Davidson
2008-Dec-31 16:21 UTC
[Samba] Fixed problem with permissions on new server
Here is the solution to a problem that I recently had. (I almost emailed this list asking for help, but then a co-worker clued me into the solution.) Server: a new Cent OS 5.1 install with Samba 3.0.28 that is joined to a Win 2003 domain. Client: Win XP Pro SP3, member of same domain A user was attempting to save an Excel file which had 644 perms and was owned by her. As soon as she saved it, Excel threw a cryptic error stating that the file had been saved, but had to be re-opened read-only. Subsequent attempts to open the file gave a permission denied error, saying the file was possibly encrypted or corrupted. Looking at the file's security properties in Windows (XP Pro SP3) showed four access entries: Her (the owner): should have had R/W, but had no access Domain users group: should have had R, but had no access Everyone: should have had R, but had no access Unix User 504: this access entry should not have been there It turns out that the directory containing the Excel file was owned by a local user and group I had failed to carry over from the previous system. Samba apparently freaked out and applied bizarre permissions to the file, including an ACE for the nonexistent user. I had transferred all the shared files from a previous system, using rsync to retain correct file ownership and permissions. What is actually retained is the Linux UID and GID for each file and directory, so you must ensure that your Linux and Winbind users (and groups) have the same underlying IDs from the old server to the new one. I was careful to do this with the domain (Winbind) users, but failed to do this for the local system users. The old server had a local user called "samba" with UID 504 that owned some of the directories within the share. So, the symptom was bizarre and cryptic, but the solution was to make sure all of the files and directories are owned by existing users and groups. I hope this helps someone!! Michael Davidson Mount Washington Observatory
Apparently Analagous Threads
Wisdom of the Ancients
