Hello all. Seems I can't find the root cause of $subj.
When I store a file on my "home", it gets chmodded ugo+x ... My smb.conf is: -8<-- [global] workgroup = PERSONALE realm = PERSONALE.EXAMPLE.COM server string = Local shares netbios name = STR00160-SAMBA security = ADS encrypt passwords = true password server = personale.example.com log file = /var/log/samba/log.%m log level = 0 max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=32768 SO_SNDBUF=32768 local master = No dns proxy = No wins server = 192.168.25.77 # Fixes instability of name resolution (gid-to-name) client schannel = no # Unix extensions give troubles with permissions from Macs unix extensions = no wide links = no # We need a local user for str00160-web and backup auth methods = guest sam winbind:ntdomain winbind enum users = No winbind enum groups = No winbind offline logon = Yes winbind nested groups = Yes winbind normalize names = Yes winbind refresh tickets = Yes winbind use default domain = yes # Catch other domains idmap backend = tdb idmap uid = 10000-99999 idmap gid = 10000-99999 idmap config PERSONALE : backend = rid idmap config PERSONALE : base_rid = 500 idmap config PERSONALE : range = 100000 - 49999999 idmap config STUDENTI : backend = rid idmap config STUDENTI : base_rid = 500 idmap config STUDENTI : range = 50000000 - 99999999 template homedir = /srv/shared/%D/%U # Don't show a "printers" icon when browsing the server show add printer wizard = no load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes [homes] comment = Home Directories # Standard options for homes browseable = no read only = no create mask = 0600 directory mask = 0711 # Fix reported capacity block size = 4096 # Use ACL to store attributes acl group control = Yes inherit acls = Yes store dos attributes = yes dos filemode = yes # I want users to be able to sare their data... #valid users = %D\%S path = /srv/shared/%D/%S # Equivalent of pam_mkhomedir, but more versatile root preexec = /opt/checklogon '%S' '%H' '%u' '%P' '%D' '%U' -8<-- The underlying fs supports acls and xattrs: /dev/sdb1 on /srv/shared type xfs (rw,acl,user_xattr,quota) # getfacl /srv/shared/PERSONALE/diego.zuccato/ getfacl: Removing leading '/' from absolute path names # file: srv/shared/PERSONALE/diego.zuccato/ # owner: diego.zuccato # group: 100013 # flags: s-- user::rwx user:str00160-backup:rw- #effective:--- group::rwx #effective:--x mask::--x other::--x default:user::rwx default:user:diego.zuccato:rwx default:group::--x default:group:100013:--x default:mask::rwx default:other::--- Another strange thing is that, with this last command, it stopped resolving 100013 to PERSONALE\domain_users ... any possible reason? I can see [2012/07/30 09:29:23.572740, 0] winbindd/winbindd_ads.c:1039(lookup_groupmem) ads_ranged_search failed with: Invalid DN syntax in log.wb-PERSONALE . Before that, it was correctly resolved: # id diego.zuccato uid=108036(diego.zuccato) gid=100013(domain_users) gruppi=100013(domain_users),[...] but now: # id diego.zuccato uid=108036(diego.zuccato) gid=100013 gruppi=100013,[...] Before I added "client schannel = no" it happened randomly and quite frequently. The domain is M$ AD. Samba is 3.5.6 . Tks, Diego. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba