Can anyone tell me how I can do a multiple level user share? What I'm having trouble configuring is a share that allows all users to use the first directory of the share, and then in subdirectories of the first directory only allow specified users access. I can't find anything similar in any docs on the internet nor in the O'Reilly Using Samba book. Thanks. Kevin
Wouldn't you control that with filesystem permissions? Depending on your OS and Samba versions you could probably either use ACLs or just group permissions, make the protected directories mode 0770 (for example) and chgrp them to UNIX groups containing only those users permitted access. Since I don't have ACL support on one of my servers I use this to control access to certain directories on a common file share. On Tue, Mar 12, 2002 at 02:08:27PM -0600, Kevin Bramblett wrote:> Can anyone tell me how I can do a multiple level user share? What I'm > having trouble configuring is a share that allows all users to use the first > directory of the share, and then in subdirectories of the first directory > only allow specified users access. I can't find anything similar in any > docs on the internet nor in the O'Reilly Using Samba book.-- That feeling just came over me. -- Albert DeSalvo, the "Boston Strangler"
--On Tuesday, March 12, 2002 2:08 PM -0600 Kevin Bramblett <kbramblett@dssresearch.com> wrote:> Can anyone tell me how I can do a multiple level user share? What I'm > having trouble configuring is a share that allows all users to use the > first directory of the share, and then in subdirectories of the first > directory only allow specified users access. I can't find anything > similar in any docs on the internet nor in the O'Reilly Using Samba book.We are using our Samba server as PDC. We are doing a form of this in this fashion: *ALL* users map the /PROJECTS share as the P: drive through their logon batch file. On the Linux side, the various directory folders for various projects are 'owned' by a certain group, say MANAGERS. In /etc/group all the managers have 'secondary' membership in the MANAGERS group, though their 'primary' groups in /etc/passwd may be different (ACCTG, or IT, or RESEARCH for example). Do a chgrp on the MANAGERS folder inside the PROJECTS folder (so group ownership on it is MANAGERS), and set perms 770. That will enable all managers to access the folder. You may also need to work on the settings in your smb.conf. Make sense? We're still working out some of the bugs, but things look good so far. - john