I setup a share
path = /srv/samba/test
with the following permissions:
drwxr-xr-x 2 root root 4096 12. Jul 09:43 /srv/samba/test/
If I have configured the the share in smb.conf without "read only = no". Then the domain admin can create files/directories on the share, but can't delete them (normal users can't do both). Also I can't configure any permissions on the share/folders. Only the creation of files/folders is possible, what is not 100% read-only.
Also if I set "read only = yes" on the share this happens.
thanks for the report.
Could you attach your complete configuration?
And if possible level 10 logs of the
admin access (successful create and failing delete)
Cheers - Michael
Created attachment 7696 [details]
Created attachment 7697 [details]
I must correct my previous statement. It's only possible to create folders (not files) as domain admin, if the share is read only = yes (or not set).
Find attached the logs of creating a folder "Neuer Ordner" and trying to delete it again.
I don't know if this is a different problem, or maybe it's related to this one:
The domain admin seems to be handled different on some other places too, like here:
I had my logonscript batch file on the netlogon share with permission 644 (rw-r--r-). It was executed on login as domain administrator, but not as normal user. After I changed the permissions to 755 (rwx-r-xr-x) it was executed for all normal users, too. (Filesystem of the netlogon share is ext4 with user_xattr enabled).
This is fixed at least in 4.2rc1. Haven't tried older versions.
read only = Yes
or where it's not defined (default = yes), are read-only now for the Domain Admin, too.