Good-day Folks,
I have a small OpenMediaVault (OMV) v6.0.46-5 deployment, running the Proxmox Kernel v5.19.17-1-pve (so I can have a ZFS filesystem) to support Windows 10 clients (primarily) in a Microsoft Active Directory environment. OMV is integrated with Active Directory and my goal is to create a non-public share, expose it to the Windows clients via SMB/CIFS, and then allow members of a certain security group (Domain Admins in this instance) to be able to create additional folders and manage permissions on those folders from a Windows client.
Thus far, I have been successful, except that even though members of the security group can create subfolders in the SMB/CIFS share from a Windows client, they are unable to manage the permissions. I keep getting the error:
Failed to Enumerate Objects in the Container. Access Denied
I came upon this article in the Samba Wiki, which mentioned that in order to be able to manage share permissions from a Windows host, the user account being used to do this must possess the SeDiskOperatorPrivilege privilege. So I followed the guide to grant my Domain Admins group this privilege, as well as adding the acl_xattr:ignore system acls = yes parameter to the share settings via the OMV Web UI. I have rebooted the OMV Server to confirm that Samba is reloaded, but I'm still facing the access denied message when attempting to manage permissions from a Windows client.
Any help is greatly appreciated, thank you.
P.S. I have already posted this question via the OpenMediaVault forum, but haven't gotten any responses yet, hence my posting it here.
