slightly_toasted

Asked: 2021-09-18 09:01:28 +0800 CST2021-09-18 09:01:28 +0800 CST 2021-09-18 09:01:28 +0800 CST

Sticky bit directory not behaving as expected when accessed by Active Directory accounts via Samba

I have a CentOS Samba server that is domain joined to an Active Directory domain controller for authentication.

My understanding is setting the sticky bit on a directory will prevent any children from being moved or deleted by anyone except root and the owner.

This configuration behaves as expected when accessed by local users. E.g. A non-root, non-owner attempting to delete or move a file inside the sticky bit directory will receive a Permission denied error.

However, when doing the same via the Samba share while logged in as an AD account, I am able to delete and move the children of the sticky bit directory.

How come AD users aren't subject to the same restrictions as local users?

And how can I prevent AD users from moving/deleting children of a sticky bit directory?

Sticky bit directory not behaving as expected when accessed by Active Directory accounts via Samba

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Sticky bit directory not behaving as expected when accessed by Active Directory accounts via Samba

0 Answers