Permissions problem with 1 user

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Permissions problem with 1 user

Samba - General mailing list
FreeBSD-11
Samba-4.3.5

I am having a problem with my roaming profile.  Other users are not
experiencing this, only my personal account is affected.  The error is
being reported in the event log as a 1521 permissions error.  However,
I cannot see how the permissions on the server could possibly been
changed as I am the only one with access to that device.

My roaming profile was working fine up to February 28 because on that
date I connected and updated my profile on a laptop that I took on a
business trip the next day.  However, since my return on March 7 I
have been unable to connect to my roaming profile from that laptop, or
any other workstation in the domain.

Any ideas as to what is going on?


--
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:[hidden email]
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Permissions problem with 1 user

Samba - General mailing list

On Wed, March 15, 2017 22:31, Andrew Walker wrote:
> What does your smb.conf look like? Are you using ACLs? If so, post
> 'getfacl' output for the problem directory (ie 'getfacl
> /mnt/tank/foo').
>

Thank you for your reply.  Here is the requested information.

getfacl /var/samba4/BROCKLEY-2016/PROFILES/byrnej.V2
# file: /var/samba4/BROCKLEY-2016/PROFILES/byrnej.V2
# owner: BROCKLEY-2016\byrnej
# group: BROCKLEY-2016\domain admins
user::rwx
user:3000002:rwx
group::---
group:3000002:rwx
group:BROCKLEY-2016\domain admins:---
group:BROCKLEY-2016\byrnej:rwx
mask::rwx
other::---

cat /usr/local/etc/smb4.conf
# Global parameters
[global]
        workgroup = BROCKLEY-2016
        realm = BROCKLEY-2016.HARTE-LYNE.CA
        netbios name = SAMBA-01
        server role = active directory domain controller
        dns forwarder = 216.185.71.33
        idmap_ldb:use rfc2307 = yes
        # Temp fix for roaming profiles? oplock
        veto oplock files = /NTUSER.DAT/
        veto oplock files = /ntuser.ini/

  socket options = TCP_NODELAY SO_KEEPALIVE

[netlogon]
        path = /var/db/samba4/sysvol/brockley-2016.harte-lyne.ca/scripts
        read only = No

[sysvol]
        path = /var/db/samba4/sysvol
        read only = No

[PROFILES]
        path = /var/samba4/BROCKLEY-2016/PROFILES/
        read only = No

[USERS]
        path = /var/samba4/BROCKLEY-2016/USERS/
        read only = No

The getfacl output from my profile is not visibly different from any
other user's profile saving only the user name of the OWNER.

--
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:[hidden email]
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba