Hi Rowland,
Please find below smb.conf. User ?Jess.Lacey? is in read list but the group
"@Human Resources? that this user belongs to is present in write list. We
are seeing that user ?Jess.Lacey? can write even though it is mentioned in read
list.
[global]
netbios name = KJLMO4
workgroup = GATEWAY
security = ads
clustering = yes
kerberos method = system keytab
realm = GATEWAY.COM
idmap config * : range = 10000-199999
idmap config * : backend = tdb
winbind use default domain = yes
winbind refresh tickets = yes
winbind cache time = 1
smb3 share cap:continuous availability = yes
smbd profiling level = on
idmap config GATEWAY : range = 200000-2000200000
idmap config GATEWAY : backend = rid
[AI-Org]
path = /run/lustre_client/mountpoint/Perplexity-AI
read only = no
read list = "Jess.Lacey"
write list = "ashok.v","@Human Resources"
Thanks & Regards,
Srikanth NS
From: samba <samba-bounces at lists.samba.org> on behalf of Rowland Penny
via samba <samba at lists.samba.org>
Date: Monday, 15 September 2025 at 7:38?PM
To: samba at lists.samba.org <samba at lists.samba.org>
Cc: Rowland Penny <rpenny at samba.org>
Subject: Re: [Samba] Regarding User/Group ACLs
On Mon, 15 Sep 2025 13:59:39 +0000
"., Srikanth N S via samba" <samba at lists.samba.org> wrote:
> Thanks Rowland I was able to check the URL and read through the URL.
> But I am sorry I could not figure out what wrong we are doing. Could
> you please help.
>
Okay, please post the output of either 'samba-tool testparm
--suppress-prompt' if it is a Samba AD DC or 'testparm -s' if it is
a
Unix domain member (aka fileserver).
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions:
https://urldefense.com/v3/__https://lists.samba.org/mailman/options/samba__;!!NpxR!maNHR5n4aKtmsr4vqptBaKvOkvcQD3slDDQTX-aNYcSvmOasUfoGffK_6vKlFoMsPPUqEipuhmLNi2QWJVbE6m8AJnJ4iy-o$