Hey, I'm courious whether you could solve the problem. I tried to set the sticky bit on the share but still cannot save word/excel files to a samba share. There is no acl in my configuration.
Thanks, grassu On Tue, Aug 24, 2010 at 5:07 PM, Karsten Hoffmann <khoffm...@adventos.de> wrote: > Thanks for your advice, but no change ... > > I actually noticed some strange in net groupmap > To me it looks like we have two different sambaSID, > Could the problem be a false mapping of unix group "users"? > > fileserver:~# net getlocalsid WORKGROUP > SID for domain WORKGROUP is: S-1-5-21-2486266552-4179740748-4022069874 > > fileserver:~# net groupmap list > Domain Admins (S-1-5-21-2486266552-4179740748-4022069874-512) -> Domain > Admins > Domain Users (S-1-5-21-2486266552-4179740748-4022069874-513) -> Domain > Users > Domain Guests (S-1-5-21-2486266552-4179740748-4022069874-514) -> Domain > Guests > Domain Computers (S-1-5-21-2486266552-4179740748-4022069874-515) -> > Domain Computers > Administrators (S-1-5-32-544) -> Administrators > Account Operators (S-1-5-32-548) -> Account Operators > Print Operators (S-1-5-32-550) -> Print Operators > Backup Operators (S-1-5-32-551) -> Backup Operators > Replicators (S-1-5-32-552) -> Replicators > users (S-1-5-21-3588677525-3898198964-4119851206-1201) -> users > ak (S-1-5-21-2486266552-4179740748-4022069874-3001) -> ak > fa (S-1-5-21-3588677525-3898198964-4119851206-3003) -> fa > im (S-1-5-21-3588677525-3898198964-4119851206-3005) -> im > am (S-1-5-21-3588677525-3898198964-4119851206-3011) -> am > friend (S-1-5-21-3588677525-3898198964-4119851206-3013) -> friend > tg (S-1-5-21-3588677525-3898198964-4119851206-3015) -> tg > hn (S-1-5-21-3588677525-3898198964-4119851206-3017) -> hn > kontakt (S-1-5-21-3588677525-3898198964-4119851206-3021) -> kontakt > ct (S-1-5-21-3588677525-3898198964-4119851206-3023) -> ct > mm (S-1-5-21-3588677525-3898198964-4119851206-3019) -> mm > sso (S-1-5-21-3588677525-3898198964-4119851206-3025) -> sso > nk (S-1-5-21-3588677525-3898198964-4119851206-3007) -> nk > sp (S-1-5-21-3588677525-3898198964-4119851206-3009) -> sp > ck (S-1-5-21-3588677525-3898198964-4119851206-3049) -> ck > gs (S-1-5-21-3588677525-3898198964-4119851206-3051) -> gs > sr (S-1-5-21-3588677525-3898198964-4119851206-3053) -> sr > friend2 (S-1-5-21-3588677525-3898198964-4119851206-3055) -> friend2 > cv (S-1-5-21-3588677525-3898198964-4119851206-3057) -> cv > ts (S-1-5-21-3588677525-3898198964-4119851206-3059) -> ts > om (S-1-5-21-3588677525-3898198964-4119851206-3065) -> om > mg (S-1-5-21-3588677525-3898198964-4119851206-3067) -> mg > dw (S-1-5-21-2486266552-4179740748-4022069874-3069) -> dw > vm (S-1-5-21-3588677525-3898198964-4119851206-3071) -> vm > GF (S-1-5-21-2486266552-4179740748-4022069874-3027) -> jb > Berater (S-1-5-21-2486266552-4179740748-4022069874-3029) -> Berater > Team1 (S-1-5-21-2486266552-4179740748-4022069874-3031) -> Team1 > Team2 (S-1-5-21-2486266552-4179740748-4022069874-3033) -> Team2 > Team3 (S-1-5-21-2486266552-4179740748-4022069874-3035) -> Team3 > Officemanagement (S-1-5-21-2486266552-4179740748-4022069874-3037) -> > Officemanagement > vw (S-1-5-21-2486266552-4179740748-4022069874-3039) -> vw > jo (S-1-5-21-2486266552-4179740748-4022069874-3041) -> jo > > > Regards > Karsten > > > > >> Try your: nt acl support = Yes >> IN nt acl support = NO >> >> ----------------------------------------------- >> EDV Daniel Müller >> >> Leitung EDV >> Tropenklinik Paul-Lechler-Krankenhaus >> Paul-Lechler-Str. 24 >> 72076 Tübingen >> >> Tel.: 07071/206-463, Fax: 07071/206-499 >> eMail: muel...@tropenklinik.de >> Internet: www.tropenklinik.de >> ----------------------------------------------- >> >> -----Ursprüngliche Nachricht----- >> Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im >> Auftrag von Karsten Hoffmann >> Gesendet: Dienstag, 24. August 2010 14:16 >> An: samba >> Betreff: [Samba] Word/Excel documents cannot be saved after Samba Upgrade >> >> Hi, >> >> after upgrading Samba 3.0.24 to Samba 3.5.4 a strange problem occurs: >> >> Users cannot anymore save files in MS Office (Word/Excel) on Samba >> shares. More precisely: >> Save as Office 2007 documents or RTF-Files works fine, but *.doc ist >> avoided with Error Message "Not enough memory". >> Of course there are lots of memory/space and ACL/Permissions should be >> ok since other file operations are working as expected. >> >> I found some posts reporting this problem before, but nothing really >> solved the issue. >> >> As I understand that this problem is well known, and should be solved. >> I would appreciate any hint. >> >> testparam -vvv >> [global] >> dos charset = CP850 >> unix charset = UTF-8 >> display charset = LOCALE >> workgroup = WORKGROUP >> realm = >> netbios name = FILESERVER >> netbios aliases = >> netbios scope = >> server string = %h (Samba %v) >> interfaces = >> bind interfaces only = Yes >> security = USER >> auth methods = >> encrypt passwords = Yes >> update encrypted = No >> client schannel = Auto >> server schannel = Auto >> allow trusted domains = Yes >> map to guest = Never >> null passwords = No >> obey pam restrictions = Yes >> password server = * >> smb passwd file = /etc/samba/smbpasswd >> private dir = /etc/samba >> passdb backend = ldapsam >> algorithmic rid base = 1000 >> root directory = >> guest account = nobody >> enable privileges = Yes >> pam password change = No >> passwd program = /usr/bin/passwd %u >> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX >> \spassword:* %n\n *password\supdated\ssuccessfully* . >> passwd chat debug = No >> passwd chat timeout = 2 >> check password script = >> username map = >> password level = 0 >> username level = 0 >> unix password sync = No >> restrict anonymous = 0 >> lanman auth = No >> ntlm auth = Yes >> client NTLMv2 auth = No >> client lanman auth = No >> client plaintext auth = No >> preload modules = >> dedicated keytab file = >> kerberos method = default >> map untrusted to domain = No >> log level = 3 >> syslog = 0 >> syslog only = No >> log file = /var/log/samba/log.%m >> max log size = 1000 >> debug timestamp = Yes >> debug prefix timestamp = No >> debug hires timestamp = Yes >> debug pid = No >> debug uid = No >> debug class = No >> enable core files = Yes >> smb ports = 445 139 >> large readwrite = Yes >> max protocol = NT1 >> min protocol = CORE >> min receivefile size = 0 >> read raw = Yes >> write raw = Yes >> disable netbios = No >> reset on zero vc = No >> acl compatibility = auto >> defer sharing violations = Yes >> nt pipe support = Yes >> nt status support = Yes >> announce version = 4.9 >> announce as = NT >> max mux = 50 >> max xmit = 16644 >> name resolve order = lmhosts wins host bcast >> max ttl = 259200 >> max wins ttl = 518400 >> min wins ttl = 21600 >> time server = No >> unix extensions = Yes >> use spnego = Yes >> client signing = auto >> server signing = No >> client use spnego = Yes >> client ldap sasl wrapping = plain >> enable asu support = No >> svcctl list = >> deadtime = 0 >> getwd cache = Yes >> keepalive = 300 >> lpq cache time = 30 >> max smbd processes = 0 >> paranoid server security = Yes >> max disk size = 0 >> max open files = 16384 >> socket options = TCP_NODELAY >> use mmap = Yes >> hostname lookups = No >> name cache timeout = 660 >> ctdbd socket = >> cluster addresses = >> clustering = No >> ctdb timeout = 0 >> load printers = Yes >> printcap cache time = 750 >> printcap name = >> cups server = >> cups encrypt = No >> cups connection timeout = 30 >> iprint server = >> disable spoolss = No >> addport command = >> enumports command = >> addprinter command = >> deleteprinter command = >> show add printer wizard = Yes >> os2 driver map = >> mangling method = hash2 >> mangle prefix = 1 >> max stat cache size = 256 >> stat cache = Yes >> machine password timeout = 604800 >> add user script = >> rename user script = >> delete user script = >> add group script = >> delete group script = >> add user to group script = >> delete user from group script = >> set primary group script = >> add machine script = /usr/sbin/smbldap-useradd -w "%u" >> shutdown script = >> abort shutdown script = >> username map script = >> logon script = logon.cmd >> logon path = \\%L\profiles\%U >> logon drive = >> logon home = \\%N\%U >> domain logons = Yes >> init logon delayed hosts = >> init logon delay = 100 >> os level = 20 >> lm announce = Auto >> lm interval = 60 >> preferred master = No >> local master = Yes >> domain master = Auto >> browse list = Yes >> enhanced browsing = Yes >> dns proxy = No >> wins proxy = No >> wins server = >> wins support = Yes >> wins hook = >> kernel oplocks = Yes >> lock spin time = 200 >> oplock break wait time = 0 >> ldap admin dn = "cn=admin,dc=menyesch,dc=de" >> ldap delete dn = No >> ldap group suffix = ou=Groups >> ldap idmap suffix = >> ldap machine suffix = ou=Computers >> ldap passwd sync = no >> ldap replication sleep = 1000 >> ldap suffix = dc=menyesch,dc=de >> ldap ssl = no >> ldap ssl ads = No >> ldap deref = auto >> ldap follow referral = Auto >> ldap timeout = 15 >> ldap connection timeout = 2 >> ldap page size = 1024 >> ldap user suffix = ou=People >> ldap debug level = 0 >> ldap debug threshold = 10 >> eventlog list = >> add share command = >> change share command = >> delete share command = >> preload = >> lock directory = /var/lib/samba >> state directory = /var/lib/samba >> cache directory = /var/lib/samba >> pid directory = /var/run/samba >> utmp directory = >> wtmp directory = >> utmp = No >> default service = >> message command = >> get quota command = >> set quota command = >> remote announce = >> remote browse sync = >> socket address = 0.0.0.0 >> nmbd bind explicit broadcast = Yes >> homedir map = auto.home >> afs username map = >> afs token lifetime = 604800 >> log nt token command = >> time offset = 0 >> NIS homedir = No >> registry shares = No >> usershare allow guests = No >> usershare max shares = 0 >> usershare owner only = Yes >> usershare path = /var/lib/samba/usershares >> usershare prefix allow list = >> usershare prefix deny list = >> usershare template share = >> panic action = /usr/share/samba/panic-action %d >> perfcount module = >> host msdfs = Yes >> passdb expand explicit = No >> idmap backend = tdb >> idmap alloc backend = >> idmap cache time = 604800 >> idmap negative cache time = 120 >> idmap uid = >> idmap gid = >> template homedir = /home/%D/%U >> template shell = /bin/false >> winbind separator = \ >> winbind cache time = 300 >> winbind reconnect delay = 30 >> winbind enum users = No >> winbind enum groups = No >> winbind use default domain = No >> winbind trusted domains only = No >> winbind nested groups = Yes >> winbind expand groups = 1 >> winbind nss info = template >> winbind refresh tickets = No >> winbind offline logon = No >> winbind normalize names = No >> winbind rpc only = No >> create krb5 conf = Yes >> comment = >> path = >> username = >> invalid users = >> valid users = >> admin users = >> read list = >> write list = >> printer admin = >> force user = >> force group = >> read only = Yes >> acl check permissions = Yes >> acl group control = No >> acl map full control = Yes >> create mask = 0744 >> force create mode = 00 >> security mask = 0777 >> force security mode = 00 >> directory mask = 0755 >> force directory mode = 00 >> directory security mask = 0777 >> force directory security mode = 00 >> force unknown acl user = No >> inherit permissions = No >> inherit acls = No >> inherit owner = No >> guest only = No >> administrative share = No >> guest ok = No >> only user = No >> hosts allow = >> hosts deny = >> allocation roundup size = 1048576 >> aio read size = 0 >> aio write size = 0 >> aio write behind = >> ea support = No >> nt acl support = Yes >> profile acls = No >> map acl inherit = No >> afs share = No >> smb encrypt = auto >> block size = 1024 >> change notify = Yes >> directory name cache size = 100 >> kernel change notify = Yes >> max connections = 0 >> min print space = 0 >> strict allocate = No >> strict sync = No >> sync always = No >> use sendfile = No >> write cache size = 0 >> max reported print jobs = 0 >> max print jobs = 1000 >> printable = No >> printing = cups >> cups options = >> print command = >> lpq command = %p >> lprm command = >> lppause command = >> lpresume command = >> queuepause command = >> queueresume command = >> printer name = >> use client driver = No >> default devmode = Yes >> force printername = No >> printjob username = %U >> default case = lower >> case sensitive = Auto >> preserve case = Yes >> short preserve case = Yes >> mangling char = ~ >> hide dot files = Yes >> hide special files = No >> hide unreadable = No >> hide unwriteable files = No >> delete veto files = No >> veto files = >> hide files = >> veto oplock files = >> map archive = Yes >> map hidden = No >> map system = No >> map readonly = yes >> mangled names = Yes >> store dos attributes = No >> dmapi support = No >> browseable = Yes >> access based share enum = No >> blocking locks = Yes >> csc policy = manual >> fake oplocks = No >> locking = Yes >> oplocks = Yes >> level2 oplocks = Yes >> oplock contention limit = 2 >> posix locking = Yes >> strict locking = Auto >> share modes = Yes >> dfree cache time = 0 >> dfree command = >> copy = >> preexec = >> preexec close = No >> postexec = >> root preexec = >> root preexec close = No >> root postexec = >> available = Yes >> volume = >> fstype = NTFS >> set directory = No >> wide links = No >> follow symlinks = Yes >> dont descend = >> magic script = >> magic output = >> delete readonly = No >> dos filemode = No >> dos filetimes = Yes >> dos filetime resolution = No >> fake directory create times = No >> vfs objects = >> msdfs root = No >> msdfs proxy = >> >> >> [Public] >> comment = Die Freigabe fuer alle >> path = /srv/public >> read only = No >> create mask = 0777 >> force create mode = 0777 >> directory mask = 0777 >> force directory mode = 0777 >> >> Thanks >> Karsten > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba