ACL problems on CIFS shares when file saved inside Microsoft Excel

Status
Not open for further replies.
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
I am encountering the following problem on CIFS shares on FreeNAS 9.2.1.2.: ACLs are being set to give the file owner read and write access, but the group access to read-only when files are saved on CIFS shares through Microsoft Excel. If files are saved locally and copied to the CIFS share, then no ACLs are set.

Current workaround:
  • On file shares where everyone has read and write access, I am using the samba flag "force user = x". This is undesirable.
  • The file owner on windows clients can manually fix the ACLs through his/her workstation. This is a hassle
Ideal solution:(please let me know if you know how to do this)
  • I want ACLs to not be set on files when they are saved in Office.
Possible workarounds that I may look into:(tell me if these are dead-ends or not possible)
  • Define a default ACL policy on a share-by-share basis (not sure if this is possible in samba)
  • Create a cron job that recursively deletes ACLs. (This would work in our current use-case, but I do not have experience working with ACLs so I am not sure what command to input and I am not sure how much load this would put on the server).
Additional Background Information
  • Clients are Windows XP and Windows 7 (hopefully all Windows 7 in a week) with Office 2007.
  • At present the FreeNAS appliance is not joined to our AD domain (but workstations are domain members). Authentication is against users / groups on the FreeNAS device.
  • Shares are "windows / mac shares" with "Windows ACLs"
  • I have tried setting share type to "Unix Share". Excel still set ACLs, but said ACLs were no longer editable by the Windows client workstations.
Any pointers would be much appreciated. Let me know if you want to look over the SMB.conf or any other files I should upload.
 
K

kingtj

Dabbler
Joined
Jun 21, 2011
Messages
26
I don't have any answers for your problem, but I found the fact you ran into this interesting. Where I work, we have several QNAP NAS units in use, and were just struggling with pretty much the same issue with those. Users saving Excel documents from their PC workstations directly to SMB shares on the NAS were having problems where nobody else had permission to make changes to the saved documents afterwards.

We assume this is really a Microsoft bug in Office and how it saves its documents? But regardless, a work-around at the NAS level sure would be nice!
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
The above behavior also occurs when saving files to the CIFS share via notepad. This indicates that it may be standard behavior when saving files via Windows. I will do more testing tomorrow.
 
Status
Not open for further replies.

Similar threads

T
  • Locked
SOLVED SMB per share permissions, why ACL?
Replies
5
Views
7K
Ericloewe
Ericloewe
bmcclure937
  • Locked
CIFS/SMB Share Configuration
Replies
5
Views
2K
DifferentStrokes
DifferentStrokes
C
Unable to copy a file via an NFS share with ACL permissions applied
Replies
3
Views
1K
morganL
M
M
  • Locked
SOLVED Windows share not correctly inheriting ACLs
Replies
2
Views
7K
MainUser
M
P
  • Locked
SOLVED CIFS group permissions on NFS Share - am I screwed?
Replies
2
Views
1K
pcloadetter
P
Top