Web lists-archives.com

Re: [Samba] Can only access new SAMBA fileshare from Windows as privileged user SAMDOM/Administrator, not as an ordinary user.




On Mon, 1 Apr 2019 15:12:21 +0100
Stephen via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hi Rowland, thanks for your suggestions. I have read and re-read the 
> Samba docs to try and understand where I went wrong here.
> 
> I added the uidNumber and gidNumber exactly as per your comments and 
> that seems to improve the situation markedly. I can now at least see 
> that the share exists from SAMDOM\stephenellwood which wasn't
> possible before. File access is now possible from
> SAMDOM/stephenellwood when I configure NTFS security permissions to
> allow read and write access for group Everyone.
> 
> I am still seeing issues with fileshare access from custom AD groups 
> though. For example, I removed the NTFS security permissions access
> to group Everyone on my share. 

Put 'Everyone' back, you need it ;-)

>I then created a group OgdenFilesUsers
> using the ADUC RSAT tool and added SAMDOM/stephenellwood to this.
> Even when security permissions are set for OgdenFilesUsers to allow
> read and write permissions it still won't seem to allow access. For
> good measure I then went and set the gidNumber attribute for my newly
> created OgdenFilesUsers group to 10001 but that didn't make any
> difference.
> 

Try reading this:

https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba