Hi List, my problem is the following: I use Samba 3.5 with AD password authentification and uid/gid information in local files. Everything seems to work so far, when i create files via samba the created files have correct user/group information on linux filesystem level (so i think id mapping works basicly). The only thing that does not work is deleting files which - belong to other users from the same group and - are stored in directories which belong to other users from the same group, although the file/directory permissions are correct, and the same delete operation works via rm locally. (So the behavior on samba level is like as the sticky bit on that directory is set). In other test cases create/delete operations work as expected. Any help very appreciated! Regards, Markus -- NEU: FreePhone - kostenlos mobil telefonieren und surfen! Jetzt informieren: http://www.gmx.net/de/go/freephone
Would this parameter help you?
dos filemode (S)
The default behavior in Samba is to provide UNIX-like behavior where
only the owner of a file/directory is able to change the permissions
on it. However, this behavior is often confusing to DOS/Windows
users. Enabling this parameter allows a user who has write access to
the file (by whatever means, including an ACL permission) to modify
the permissions (including ACL) on it. Note that a user belonging to
the group owning the file will not be allowed to change permissions
if the group is only granted read access. Ownership of the
file/directory may also be changed. Note that using the VFS modules
acl_xattr or acl_tdb which store native Windows as meta-data will
automatically turn this option on for any share for which they are
loaded, as they require this option to emulate Windows ACLs correctly.
Default: //|dos filemode|/ = |no| /
On 03/03/2011 8:37 AM, markus hansen wrote:> Hi List,
>
> my problem is the following:
>
> I use Samba 3.5 with AD password authentification and uid/gid information
in local files. Everything seems to work so far, when i create files via samba
the created files have correct user/group information on linux filesystem level
(so i think id mapping works basicly).
>
> The only thing that does not work is deleting files which
> - belong to other users from the same group and
> - are stored in directories which belong to other users from the same
group,
>
> although the file/directory permissions are correct, and the same delete
operation works via rm locally. (So the behavior on samba level is like as the
sticky bit on that directory is set).
>
> In other test cases create/delete operations work as expected.
>
> Any help very appreciated!
>
> Regards, Markus
>
>
Alexander Stein
2011-Mar-03 19:31 UTC
[Samba] Debian Lenny 5.04 and DMS in Windows 2000 Native Domain + Forest with Samba 3.2.5
Hello All, I have been struggling with this for a long, long time. I came here looking for answers. So, I have a VM running Debian Lenny. I install the apt package samba, which installs 3.2.5. I work in a large university with an extensive Active Directory environment, both forest and domain running in Win2k native mode. There is a NetApp filer which houses all our admin files, scripts, and installers. Nothing really special. The computer, FILESERVER, is in the child domain of the forest, whose root domain is DOMAIN.FOREST.UNIVERSITY.TLD. The root domain is FOREST.UNIVERSITY.TLD. Now, can I mount this without joining the domain? I have tried reading the documentation, and I think this is telling me no.> Use of raw SMB over TCP/IP (No NetBIOS layer) can be done only with Active Directory domains. Samba is not an Active Directory domain controller: ergo, it is not possible to run Samba as a domain controller and at the same time not use NetBIOS. Where Samba is used as an Active Directory domain member server (DMS) it is possible to configure Samba to not use NetBIOS over TCP/IP. A Samba DMS can integrate fully into an Active Directory domain, however, if NetBIOS over TCP/IP is disabled, it is necessary to manually create appropriate DNS entries for the Samba DMS because they will not be automatically generated either by Samba, or by the ADS environment. [0]So if I do not need to join this Debian VM to the domain, what is the proper config and/or command structure? I have toyed with "disable netbios = yes" and "security = ads", but it still does now work well. When I run smbclient, I can pull up a connection just fine, browse files, and even upload.> smbclient -L \\\\fileserver.domain.forest.university.tld\\PubShare0 -W DOMAIN.FOREST.UNIVERSITY.TLD -U my_ad_accountHowever, mounting it never, ever works. It mentions NBT being disabled when getting a share list, among all the shares listed.> Domain=[DOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] > > Sharename Type Comment > --------- ---- ------- > IPC$ IPC Remote IPC > ETC$ Disk Remote Administration > C$ Disk Remote Administration > Data$ Disk > PubShare0 Disk > PubShare1 Disk > PubShare2 Disk > PubShare3 Disk > PubShare5 Disk > PubShare5 Disk > Connection to fileserver.domain.forest.university.tld failed (Error NT_STATUS_CONNECTION_REFUSED) > NetBIOS over TCP disabled -- no workgroup availableWhen I mount, I envitably get an IO error.> BACC-UTIL-VM:/home/me# whoami > root > BACC-UTIL-VM:/home/me# smbmount //fileserver.domain.forest.university.tld/PubShare0 /mnt/fileserver/pubshare0/ --verbose -o domain=DOMAIN.FOREST.UNIVERSITY.TLD,user=my_ad_account > Password: > > mount.cifs kernel mount options: unc=//fileserver.domain.forest.university.tld\share,ip=10.XXX.XX.XX,ver=1,domain=GEORGETOWN.MEI.GEORGETOWN.EDU,user=ajs67,pass=********mount error 5 = Input/output error > Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) > BACC-UTIL-VM:/home/me#Why is this? Will it go away if and when I join the domain? The IP address is accurate and their are proper DNS entries. None of the variations I try work. As someone clued me in on IRC, NBT is probably the culprit here, so I want to better understand the underlying principle, and then figure out the correct config for the future. Sorry for the outrageously long email, but I love my Linux and hate my Windows. This will make my transition much, much easier. Best, _AJS [0]http://samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2580798
Alexander Stein
2011-Mar-03 19:42 UTC
[Samba] Debian Lenny 5.04 and DMS in Windows 2000 Native Domain + Forest with Samba 3.2.5
All, Please also excuse my inability to properly format email or scrub log data. I have serious issues today, apparently. Regards, _AJS
Hi, Thank you for your reply. Unfortunately turning on the dos filemode parameter on did not change the behavior. Any more Ideas? Regards, Markus -------- Original-Nachricht --------> Datum: Thu, 03 Mar 2011 12:44:47 -0600 > Von: Dale Schroeder <dale at BriannasSaladDressing.com> > An: markus hansen <hansenmarkus at gmx.de> > CC: Samba <samba at lists.samba.org> > Betreff: Re: [Samba] Can not delete files via Samba in some cases> Would this parameter help you? > > > dos filemode (S) >-- Schon geh?rt? GMX hat einen genialen Phishing-Filter in die Toolbar eingebaut! http://www.gmx.net/de/go/toolbar