Hello,
I use Samba 2.27 on top of Red Hat 9 as a Domain Member Server. The
integration with the NT4 Primary Domain Controller works fine. Being used to
NTFS I find the definition of Access Rights on shared files is somewhat
limited. I can only assign Access Rights tot the User, his Primary User
Group and the Everyone Group. I Understand this is a limitation of the
Linux filesystem where one assigns rights to User, Group and Others?
However there is an option valid users = [user list] that you can use to
let Samba determine who has access. As far as I have been able to test it,
this option only seems to work with users that are defined in the Linux
account database. As soon as I define the valid users option, my NT users
can not use the share. If I remove the valid users option from the share,
the problem is gone.
Another thing I don't understand is why I keep getting an Access Denied
Error when I try to modify access rights on a file I have created myself (as
an NT user) on the Samba share. The NT combo box tells me I have full
control on the file but I can not change any permissions. On the level of
Linux user group and others have read, write and execute rights, so that
should be sufficient.
So the question is: Are these bugs or are these features? And if they are
bugs, is there a fix?
I have seen the add user script option too, which seems to allow the
creation of Linux users "on the fly" But I haven't been able to
implement
it successfully (yet). Or do I have to turn my Samba server into a Domain
PDC for this option to work? Can anyone help me on this.?
Any answers are highly appreciated.
Best Regards from the Netherlands,
Henk
PS: please find my smb.conf below
----------------------------------------------------------------------------
----
Current Config
# Samba config file created using SWAT
# from 192.168.0.2 (192.168.0.2)
# Date: 2004/05/07 09:04:45
# Global parameters
[global]
workgroup = WORKGROUP
netbios name = NETBIOSNAME
security = DOMAIN
encrypt passwords = Yes
password server = *
log level = 3
log file = /tmp/%S.log
winbind uid = 10000-20000
winbind gid = 10000-20000
admin users = DOMAIN\domainadmin
printer admin = DOMAIN\domainadmin
[test]
comment = my shared folder
path = /home/samba
force group = ARCHITECT
read only = No
force create mode = 0777
force directory mode = 0777
[print$]
path = /usr/local/samba/printers
write list = [ a list of users]
read only = No
guest ok = Yes
[printers]
path = /tmp
printable = Yes
browseable = No