I've recently been "playing" with Samba4 as a test to whether our small business can make use of it.
I've found what I believe to be an oddity (or two) and was after opinions on how normal this is under Arch.
I can join the domain fine, messed about with GPO's and can use the Windows tools to add users to the domains. The things which are throwing me a little and not what I expected are to do with permissions and ownership of files in shares.
If I log in as a standard user and create a file in a share, there is no problem with it being created, but the default permissions are globally changeable. Also the owner of the file is not the user that created it, but a numeric id of 3000000 which is BUILTIN/Administrators. This to me, does not sound normal. Surely the owner should be the user that created the file? I have previously used Samba3 and that is how the file shares worked for me. I was wondering if others had done any tests with Samba4 and if this is normal behaviour under (Arch)Linux? I realise I can change the "create mask" under the share, but it does not seem to be creating things under the default setting (my smb.conf is bare minimal created when provisioning the domain)
The second thing I've noticed is wbinfo and getent don't pick up the Samba users/groups when run as a normal user, only as root. This may be standard, but when doing a directory listing as a normal user it means I'm only shown numerical uid/gid's.
# Global parameters [global] workgroup = SAM-TEST realm = SAM-TEST.LOCAL netbios name = VM-LX-DC server role = active directory domain controller dns forwarder = 192.168.5.254 [netlogon] path = /var/lib/samba/sysvol/sam-test.local/scripts read only = No [sysvol] path = /var/lib/samba/sysvol read only = No [homes] read only = no [public] path = /home/sambashares/Public read only = no browseable = yes
Am I just missing something simple here? ;-)
Hmm.. just as an addition, I did a quick install of FreeBSD on Xen and installed their port of S4. It seems these permissions are something specifically to do with S4, as it defaults to the same even though the man page gives a different mask as default - although under BSD, the files are created under the correct username so I guess there are some slight differences depending on OS.
Off to the Samba lists about the permissions I think....
Edit: In case anybody is further interested, the permission appears to be a bug in the current release (http://www.spinics.net/lists/samba/msg106537.html). I guess this is what happens to early adopters ;-)
Last edited by Daren (2013-03-15 16:55:15)