AD users with write privileges are not able to delete files on a samba share
Issue
- Samba is using short AD user names with the "winbind use default domain = true" setting in smb.conf.
-
Directory permissions are set to 755 on the share folder.
[root@rhel5 ~]# ls -la /test/ total 16 drwxr-xr-x 2 abc xyz 4096 Nov 23 13:24 . drwxr-xr-x 26 root root 4096 Nov 23 13:15 .. -
The share in smb.conf uses the force user and group setting.
[test]
path = /test
public = no
writable = yes
force user = abc
force group = xyz
printable = no
create mask = 0664
directory mask = 0775
valid users = @xyz
- Users in "xyz" group can access the share. They can read, modify and create. But they cannot delete.
- Users are part of the default domain in Active Directory(AD).
Environment
- Red Hat Enterprise Linux 5
- samba version samba3x-3.5.4-0.83
- Active Directory (Windows 2003)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
