I have a rather complex access setup for my users home-directories. This is
because
a) All users have to be able to read other users files (minus some private
folders)
b) Some users additionally have write access to specific (not: all!)
home-directories
So a user Joe also has a group called 'Joe' with members Joe, Tim and
Kate.
Hence, Joe, Tim and Kate may write to /home/joe. I do this by editing
smb.conf as follows:
[homes]
valid users = @users
write list = @%g
browseable = No
create mask = 0660
directory mask = 0770
Now the question is: How do I provide the users with an easy way to access
the various 'homes', ie. via a mapped network drive, and STILL preserve
the
'write list' option of the smb.conf?
Of course, the users could type "\\SERVERNAME" into their windows
explorer,
or browse through the network neighbourhood everytime, but this is rather
inconvenient.
Or I could create a share with symlinks to all the home folders, but this
would deprive me of the individual 'write list' access control.
Hope I could make myself clear! Any ideas are highly appreciated, I'm
completely lost.
Thomas
--
10 GB Mailbox, 100 FreeSMS http://www.gmx.net/de/go/topmail
+++ GMX - die erste Adresse für Mail, Message, More +++
[I'm terribly sorry - the Webmailer didn't warn me about the missing
subject! I couldn't come up with a decent one anyway, but here we go again.]
I have a rather complex access setup for my users home-directories. This is
because
a) All users have to be able to read other users files (minus some private
folders)
b) Some users additionally have write access to specific (not: all!)
home-directories
So a user Joe also has a group called 'Joe' with members Joe, Tim and
Kate.
Hence, Joe, Tim and Kate may write to /home/joe. I do this by editing
smb.conf as follows:
[homes]
valid users = @users
write list = @%g
browseable = No
create mask = 0660
directory mask = 0770
Now the question is: How do I provide the users with an easy way to access
the various 'homes', ie. via a mapped network drive, and STILL preserve
the
'write list' option of the smb.conf?
Of course, the users could type "\\SERVERNAME" into their windows
explorer,
or browse through the network neighbourhood everytime, but this is rather
inconvenient.
Or I could create a share with symlinks to all the home folders, but this
would deprive me of the individual 'write list' access control.
Hope I could make myself clear! Any ideas are highly appreciated, I'm
completely lost.
Thomas
--
10 GB Mailbox, 100 FreeSMS http://www.gmx.net/de/go/topmail
+++ GMX - die erste Adresse f?r Mail, Message, More +++
--
Sparen beginnt mit GMX DSL: http://www.gmx.net/de/go/dsl
Thomas Kreft wrote:>I have a rather complex access setup for my users home-directories. This is >because >a) All users have to be able to read other users files (minus some private >folders) >b) Some users additionally have write access to specific (not: all!) >home-directories > >So a user Joe also has a group called 'Joe' with members Joe, Tim and Kate. >Hence, Joe, Tim and Kate may write to /home/joe. I do this by editing >smb.conf as follows: > > [homes] > valid users = @users > write list = @%g > browseable = No > create mask = 0660 > directory mask = 0770 > >Now the question is: How do I provide the users with an easy way to access >the various 'homes', ie. via a mapped network drive, and STILL preserve the >'write list' option of the smb.conf? > >Of course, the users could type "\\SERVERNAME" into their windows explorer, >or browse through the network neighbourhood everytime, but this is rather >inconvenient. > >Or I could create a share with symlinks to all the home folders, but this >would deprive me of the individual 'write list' access control. > >Hope I could make myself clear! Any ideas are highly appreciated, I'm >completely lost. > >Thomas > > >Hallo Thomas, I would solve your problem this way: I would create home folders like you have done /home/joe , /home/tim ... I would create group folders like /group/joe, /group/... in smb.conf : [homes] comment = private browseable = yes create mask = 0700 directory mask = 0700 public = no writeable = yes [group] comment = group directory path = /group/%g create mask = 0770 directory mask = 0770 force directory mode = 0770 force create mode = 0770 public = no writeable = yes in logon.bat: net use x: \\server\homes net use y: \\server\group In this way, data in x:\ are private f.e. joe, data in y:\ are readable and writeable for the whole group f. e. joe, tim and kate. Sabine -- Sabine Zarabian Universit?t Bielefeld Fakult?t f?r Biologie 0521 - 106 5567