User administrator without access to several shares -- ?A menos que modifiquemos a nossa maneira de pensar, n?o seremos capazes de resolver os problemas causados pela forma como nos acostumamos a ver o mundo". Albert Einstein
Am 01.07.2015 um 03:41 schrieb Edson J Bueno:> User administrator without access to several sharesIs this everything you tell us and expect help? :-) Regards, Marc
Am 01.07.2015 um 20:20 schrieb Edson J Bueno:> then not know how to explain, only know that's when I access some > shared folders on the network have not lit. It does not generate > log me.* A good start is show us your smb.conf [global] and share section. * Does only the Admin can't access share? What about the users? * What do the logs say when you try to access the share? Increase the log level, if it is to low and you don't get anything (useful) logged. * etc. Regards, Marc
On 01/07/15 02:41, Edson J Bueno wrote:> User administrator without access to several shares >Quer dizer que administrador n?o pode acessar algumas partes, este poderia ser para baixo para permiss?es de acesso ou m? configura??o. Posso sugerir, porque esta falando uma lista de discuss?o Ingl?s, voc? encontrar algu?m que fala Ingl?s e lev?-los a escrever suas perguntas. If the above looks wrong, don't blame me, blame google translate :-D Rowland
On 01/07/15 22:18, Edson J Bueno wrote:> [global] > workgroup = D*** > realm = d***.*** > netbios name = AD > server role = active directory domain controller > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > drepl, winbindd, ntp_signd, kcc, dnsupdate > idmap_ldb:use rfc2307 = yes > kerberos method = system keytab > client ldap sasl wrapping = sign > allow dns updates = nonsecure and secure > nsupdate command = /usr/bin/nsupdate -g > allow nt4 crypto = yes > kccsrv:samba_kcc = false > dsdb:schema update allowed = yes > ### Winbind > winbind enum users = Yes > winbind enum groups = Yes > winbind use default domain = Yes > winbind nss info = rfc2307 > template shell = /bin/bash > ### Audit > vfs objects = full_audit > full_audit:success = open, opendir, write, unlink, rename, > mkdir, rmdir, chmod, chown > full_audit:prefix = %u|%I|%S > full_audit:failure = none > full_audit:facility = local5 > full_audit:priority = notice > ### LOGS > log file = /var/log/samba/samba.log > max log size = 50000 > log level = 3 > debug uid = yes > vfs objects = recycle full_audit > ### LIXEIRA > [Lixeira] > vfs objects = recycle > recycle:repository = /data/trash/%U > recycle:keeptree = yes > recycle:versions = yes > # recycle:exclude = *.tmp, *.log, *.obj, ~*.*, *.bak, *.iso > recycle:exclude_dir = tmp, cache > path = /data/trash/%U > read only = No > > [netlogon] > path = /usr/local/samba/var/locks/sysvol/d***.***/scripts > read only = No > [sysvol] > path = /usr/local/samba/var/locks/sysvol > read only = No > > [Publicidade] > path = /data/publicidade > read only = No > valid users = @publicidade > [Administrativo] > path = /data/financeiro > read only = No > valid users = @financeiro > > > > Define the access by group, the administrator is in all groups, for > example there only put two groups one he has access to all normal and > the other accesses or already asks for a password. > > Em 1 de julho de 2015 16:23, Rowland Penny > <rowlandpenny241155 at gmail.com> escreveu: >> On 01/07/15 02:41, Edson J Bueno wrote: >>> User administrator without access to several shares >>> >> Quer dizer que administrador n?o pode acessar algumas partes, este poderia >> ser para baixo para permiss?es de acesso ou m? configura??o. >> Posso sugerir, porque esta falando uma lista de discuss?o Ingl?s, voc? >> encontrar algu?m que fala Ingl?s e lev?-los a escrever suas perguntas. >> >> If the above looks wrong, don't blame me, blame google translate :-D >> >> Rowland >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba > >OK, I think I understand what you mean, the AD 'Administrator' user is a member of all AD groups, but can only access one of these shares: Publicidade, Administrativo But not the other. This sounds like a permissions problem, check the unix and windows permissions on both shares, they are probably different. Rowland
On 01/07/15 22:55, Edson J Bueno wrote:> you have a manual on this subject?You could try here: https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs> > if so then he is allowed to administrative and not have to finance,No, sorry, if there is a question there, I do not understand it. I will repeat what I said before, please find an English speaker and get them to write your questions. Also, could you please keep these posts onlist, do not email me direct. Rowland> > > 2015-07-01 17:40 GMT-04:00 Rowland Penny <rowlandpenny241155 at gmail.com>: >> On 01/07/15 22:18, Edson J Bueno wrote: >>> [global] >>> workgroup = D*** >>> realm = d***.*** >>> netbios name = AD >>> server role = active directory domain controller >>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, >>> drepl, winbindd, ntp_signd, kcc, dnsupdate >>> idmap_ldb:use rfc2307 = yes >>> kerberos method = system keytab >>> client ldap sasl wrapping = sign >>> allow dns updates = nonsecure and secure >>> nsupdate command = /usr/bin/nsupdate -g >>> allow nt4 crypto = yes >>> kccsrv:samba_kcc = false >>> dsdb:schema update allowed = yes >>> ### Winbind >>> winbind enum users = Yes >>> winbind enum groups = Yes >>> winbind use default domain = Yes >>> winbind nss info = rfc2307 >>> template shell = /bin/bash >>> ### Audit >>> vfs objects = full_audit >>> full_audit:success = open, opendir, write, unlink, rename, >>> mkdir, rmdir, chmod, chown >>> full_audit:prefix = %u|%I|%S >>> full_audit:failure = none >>> full_audit:facility = local5 >>> full_audit:priority = notice >>> ### LOGS >>> log file = /var/log/samba/samba.log >>> max log size = 50000 >>> log level = 3 >>> debug uid = yes >>> vfs objects = recycle full_audit >>> ### LIXEIRA >>> [Lixeira] >>> vfs objects = recycle >>> recycle:repository = /data/trash/%U >>> recycle:keeptree = yes >>> recycle:versions = yes >>> # recycle:exclude = *.tmp, *.log, *.obj, ~*.*, *.bak, *.iso >>> recycle:exclude_dir = tmp, cache >>> path = /data/trash/%U >>> read only = No >>> >>> [netlogon] >>> path = /usr/local/samba/var/locks/sysvol/d***.***/scripts >>> read only = No >>> [sysvol] >>> path = /usr/local/samba/var/locks/sysvol >>> read only = No >>> >>> [Publicidade] >>> path = /data/publicidade >>> read only = No >>> valid users = @publicidade >>> [Administrativo] >>> path = /data/financeiro >>> read only = No >>> valid users = @financeiro >>> >>> >>> >>> Define the access by group, the administrator is in all groups, for >>> example there only put two groups one he has access to all normal and >>> the other accesses or already asks for a password. >>> >>> Em 1 de julho de 2015 16:23, Rowland Penny >>> <rowlandpenny241155 at gmail.com> escreveu: >>>> On 01/07/15 02:41, Edson J Bueno wrote: >>>>> User administrator without access to several shares >>>>> >>>> Quer dizer que administrador n?o pode acessar algumas partes, este >>>> poderia >>>> ser para baixo para permiss?es de acesso ou m? configura??o. >>>> Posso sugerir, porque esta falando uma lista de discuss?o Ingl?s, voc? >>>> encontrar algu?m que fala Ingl?s e lev?-los a escrever suas perguntas. >>>> >>>> If the above looks wrong, don't blame me, blame google translate :-D >>>> >>>> Rowland >>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>> >>> >> OK, I think I understand what you mean, the AD 'Administrator' user is a >> member of all AD groups, but can only access one of these shares: >> >> Publicidade, Administrativo >> >> But not the other. >> >> This sounds like a permissions problem, check the unix and windows >> permissions on both shares, they are probably different. >> >> Rowland >> > >