AD users with write privileges are not able to delete files on a samba share

Solution Verified - Updated -

Issue

  • Samba is using short AD user names with the "winbind use default domain = true" setting in smb.conf.
  • Directory permissions are set to 755 on the share folder.

    [root@rhel5 ~]# ls -la /test/
    total 16
    drwxr-xr-x  2 abc xyz 4096 Nov 23 13:24 .
    drwxr-xr-x 26 root    root     4096 Nov 23 13:15 ..
    
  • The share in smb.conf uses the force user and force group settings.

    [test]
        path = /test
        public = no
        writable = yes
        force user = abc
        force group = xyz
        printable = no
        create mask = 0664
        directory mask = 0775
        valid users = @xyz

  • Users in the "xyz" group can access the share. They can read, modify and create files, but they cannot delete them.
  • Users are part of the default domain in Active Directory (AD).

Environment

  • Red Hat Enterprise Linux 5
  • samba version samba3x-3.5.4-0.83
  • Active Directory (Windows 2003)
