samba - Dec 2013 - File permissions for AD user that has been removed

What is supposed to happen to the ownership of files/directories of user in
Active Directory on a Samba (3.6.6) share after the user has been removed from
Active Directory? I see the userid is set to the uid number but admins on the
share (not root) cannot remove directories owned by the user. As a root user I
can delete the files or changed ownership. I would expect there is some way to
make these files permissions changed after the user has been deleted but I
haven't found the setting yet

On Wed, 2013-12-11 at 17:36 +0000, Ben Farris wrote:
> What is supposed to happen to the ownership of files/directories of
> user in Active Directory on a Samba (3.6.6) share after the user has
> been removed from Active Directory? I see the userid is set to the uid
> number but admins on the share (not root) cannot remove directories
> owned by the user. As a root user I can delete the files or changed
> ownership. I would expect there is some way to make these files
> permissions changed after the user has been deleted but I haven't found
> the setting yet
That falls under "don't do that". Basically it is bad practice to
remove
users from a system when they may still have files on the system. If you
do you have now lost all history of who those files belonged to, and
things like Samba will now break in unpredictable ways.

By all means deactivate them but don't actually delete them. If you
absolutely must remove them for whatever reason then you need to get a
root shell on the box and do some "find <path> -uid ### -exec chown
<newuser> '{}' \;" action to change the ownership to a valid
user and if
using quota's hope that does not bust the user who is acquiring
ownership of all these new file's quota.

JAB.

-- 
Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.