I setup a share [test] path = /srv/samba/test with the following permissions: drwxr-xr-x 2 root root 4096 12. Jul 09:43 /srv/samba/test/ If I have configured the the share in smb.conf without "read only = no". Then the domain admin can create files/directories on the share, but can't delete them (normal users can't do both). Also I can't configure any permissions on the share/folders. Only the creation of files/folders is possible, what is not 100% read-only. Also if I set "read only = yes" on the share this happens.
Hi Marc, thanks for the report. Could you attach your complete configuration? And if possible level 10 logs of the admin access (successful create and failing delete) Cheers - Michael
Created attachment 7696 [details] smb.conf
Created attachment 7697 [details] logfiles I must correct my previous statement. It's only possible to create folders (not files) as domain admin, if the share is read only = yes (or not set). Find attached the logs of creating a folder "Neuer Ordner" and trying to delete it again.
I don't know if this is a different problem, or maybe it's related to this one: The domain admin seems to be handled different on some other places too, like here: I had my logonscript batch file on the netlogon share with permission 644 (rw-r--r-). It was executed on login as domain administrator, but not as normal user. After I changed the permissions to 755 (rwx-r-xr-x) it was executed for all normal users, too. (Filesystem of the netlogon share is ext4 with user_xattr enabled).
This is fixed at least in 4.2rc1. Haven't tried older versions. Shares with read only = Yes or where it's not defined (default = yes), are read-only now for the Domain Admin, too.