You shouldn't need the invalid users list. Only people in the Valid Users
list can access the share, they contradict each other.
EXCERPT FROM man smb.conf:
valid users (S)
This is a list of users that should be allowed to
login to this service. Names starting with '@',
'+'
and '&' are interpreted using the same rules as
described in the invalid users parameter.
If this is empty (the default) then any user can
login. If a username is in both this list and the
invalid users list then access is denied for that
user.
Hope this helps!!
Josh
On Tuesday 19 February 2002 06:05, Philip Reynolds
wrote:> Hi,
>
> I've been looking at Samba's access control, and according to the
> documentation it's provides me with what I want, however, I'm not
so
> sure if this is the case.
>
> Take the following scenario:
>
> As Administrator I am in the following groups
>
> admin_group, user_group1, user_group2
>
> There is an administrator share:
>
> --------------8<------------
>
> [Admin]
> invalid users = @user_group1, @user_group2
> valid users = @admin_group
> path = /export/path/to/admin/share
> write list = @admin_group
> writeable = yes
>
> --------------<8------------
>
> I want to explain the first two entries in the config.
> The first one should deny any user in user_group1 or user_group2
> (which it does)
>
> For the second however, I want it to override the first, and say
> anyone in admin_group should be allowed access, this doesn't work
> though.
>
> In summary: I only want admin_group to have access to this share, by
> whatever means necessary (I realise this is possible through UNIX
> permissions, however I'd prefer not to do this)
>
> Phil.
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com