NethServer Version: 73.1611 all updates including 5th july 2017
Module: Samba 4 fileserver and AD
Hello
can not change the ACLs of a sub directory with windows 7 (ultimate 64bit). The ACLs from webconfig are there and new directory use them. so getfacl and windows explore are okay.
teh changes wil be lost (or ignored) somtime windows tells user had no rigth to chane the rigth and users.
if i change the rigths and userse via web the new sub dir had this ACL. I think filesystem and samba knows ACLs. The Windows7 PC is AD member and user is the AD admin.
Same problem with a fresh installation.
it sound like this bug but from the windows7 side.
did anyone had a idea?
thx axel
my file server smb.conf
[global]
#
# 10base
#
workgroup = SBS
server string = NethServer 7.3.1611 Final (Samba %v)
security = ADS
realm = SBS.URBANSKI.DE
kerberos method = secrets and keytab
netbios name = NETH
# test reg support
include = registry
[global]
# log files split per-machine:
log file = /var/log/samba/log.%m
# maximum size of 50KB per log file, then rotate:
max log size = 50
# Only bind to allowed NIC's
bind interfaces only = yes
interfaces = 127.0.0.1 192.168.38.0/24
hosts allow = 127.0.0.1 192.168.38.0/255.255.255.0 192.168.52.0/255.255.255.0
# Idle time before disconnecting the client
deadtime = 10080
# Alias NETBIOS names, used to provide access to Samba via multiple hostnames
netbios aliases =
; WINS setup (other server)
wins server =
remote announce =
remote browse sync =
; Guest access (#1882). Shares must be guest-ok, to allow it.
map to guest = Bad User
; create home dirs if missing (#5090)
obey pam restrictions = yes
# SambaAudit configuration
full_audit:prefix = smbauditlog|%T|%u|%I|%S|%U
full_audit:success = read write open unlink mkdir rmdir rename chmod
full_audit:failure = read write open unlink mkdir rmdir rename chmod
full_audit:facility = LOCAL7
full_audit:priority = INFO
printing = cups
printcap name = cups
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
use client driver = yes
;
; Home directories
;
[homes]
comment = Home directories
browseable = no
writable = yes
create mode = 0660
force create mode = 0660
directory mode = 0770
force directory mode = 0770
;
; Added to support printer drivers download
; This share is writable according to Unix file permissions
;
[print$]
comment = Printer drivers
path = /var/lib/nethserver/print_driver
guest ok = yes
browseable = yes
writable = no
[profiles]
comment = roaming
browsable = no
path = /data/profiles
read only = no
store dos attributes = yes
create mask = 0600
directory mask = 0700
profile acls = yes
csc policy = disable
#
# 10base -- ibay neth-alle definition.
# Required profile is ""
# Applied profile is "default"
#
[neth-alle]
path = /var/lib/nethserver/ibay/neth-alle
comment = für alle angemeldeten user
# 20profile_default:
read only = no
inherit permissions = yes
; Add group write bit to default create mask, remove DOS archive bit (see below) #2039
create mask = 0664
inherit owner = yes
; Use extended attribute to store DOS attributes (see man page)
store dos attributes = yes
map archive = no
map readonly = no
inherit acls = yes
map acl inherit = yes
guest ok = no
browseable = yes
# 90vfs_output
vfs objects = recycle
recycle: exclude_dir = /tmp,/temp,/cache
recycle: repository = Recycle Bin
recycle: versions = True
recycle: keeptree = True
recycle: touch = True
recycle: directory_mode = 0770
recycle: exclude = *.tmp,*.temp,*.o,*.obj,~$*