AD users with write privileges are not able to delete files on a samba share

Solution Verified - Updated -

Issue

  • Samba is using short AD user names with the "winbind use default domain = true" setting in smb.conf.

  • Directory permissions are set to 755 on the share folder.

    [root@rhel5 ~]# ls -la /test/
total 16
drwxr-xr-x  2 abc xyz 4096 Nov 23 13:24 .
drwxr-xr-x 26 root    root     4096 Nov 23 13:15 ..

  • The share in smb.conf uses the force user and group setting.

[test]
    path = /test
    public = no
    writable = yes
    force user = abc
    force group = xyz
    printable = no
    create mask = 0664
    directory mask = 0775
    valid users = @xyz

  • Users in "xyz" group can access the share. They can read, modify and create. But they cannot delete.
  • Users are part of the default domain in Active Directory(AD).

Environment

  • Red Hat Enterprise Linux 5
  • samba version samba3x-3.5.4-0.83
  • Active Directory (Windows 2003)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content