Web lists-archives.com

Re: [Samba] error on the modificed permission




Hai, (oeps, typed this in the morning ) 


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> marco pirola via samba
> Verzonden: woensdag 13 februari 2019 11:27
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] error on the modificed permission
> 
> Yes , i optaing SeDiskOperatorPrivilege:
>    ROBINOOD\Domain Admins
>    BUILTIN\Administrators
> 
> Il 13/02/2019 11:11, Rowland Penny via samba ha scritto:
> > On Wed, 13 Feb 2019 10:55:46 +0100
> > marco pirola via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >
> >> Thanks rowald: naw optaing  getent group Domain\ Admins
> >> domain admins:x:10512:administrator
> >>
> >> but if I usa administrator to join in the domain i optaing
> >> I get that the user does not have the rights to set the permissions
> >> to the share
> >>
> >> wat a war: it dont's want to know :'(
> >>
> > Does:
> >
> > net rpc rights list privileges SeDiskOperatorPrivilege -U 
> "ROBINOOD\administrator"
> >
> > Show 'Domain Admins' having the 'SeDiskOperatorPrivilege' ?
> >
> > Does ls -lad /home/samba/samba/
> >
> > Show something like this:
> >
> > drwxrwx--- 2 root domain_admins 4096 Feb 12 10:47 /home/samba/samba/

The folder below the shared folder needs correct rights also. 

Try to set this.  
If this is the samba home : /home/samba
And you sharing             /home/samba/samba/ as \\server\samba 

Then set 3775 : on  /home/samba 

chown root:Domain\ Admins /home/samba
chmod 3775 /home/samba

chown root:Domain\ Admins /home/samba/samba 
chmod 3775 /home/samba/samba

Now try again. 
If its not working, try again but set 3777 on all, create a folder, check the acl's. 

I normaly start like this. 

Bit explained, this is "LOCAL" access on the linux server 
install -d /home/samba -o root -g "administrators" -m 3775 

Im using "BUILTIN\Administrators" because thats "normaly" a LOCAL group. 
And "Domain Admins" is member of "BUILTIN\Administrators" 

This is the "REMOTE" acces on the linux server.
install -d /home/samba/samba -o root -g "Domain Admins" -m 3775 

As of this point the Domain Admins administer the rights on the shares. 



Greetz, 

Louis


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba