samba - Mar 2007 - write list doesn't override read only paramater

Hi all,

I'm trying to set up a share that is readable by everyone, but writable 
by only a few.  From my understanding, this should work:

[audio]
        path = /tank/media/Audio
        comment = Audio Files
        write list = sound, @"Domain Admins", @"Associate
Admins"
        force user = data
        force group = other
        read only = Yes


The user sound (who is in the Windows Domain that this server is a 
member of) should be able to write to the share.  The local user data 
has write permissions on the directory.  The user sound is able to 
connect and read, but not write.  If I change read only to No, the sound 
user can write to the share, but so can everyone else.  Here is my 
complete config file for reference:

[global]
        workgroup = EX
        realm = EXAMPLE.COM
        server string = media.example.com
        security = ADS
        password server = 192.168.0.32
        log level = 3
        log file = /var/log/samba/%m
        max log size = 50
        printcap name = cups
        preferred master = No
        local master = No
        ldap ssl = no
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind separator = +
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        printing = cups
        print command = lpr -P'%p' %s; rm %s
        lpq command = lpq -P'%p'
        lprm command = lprm -P'%p' %j
        lppause command = lp -i '%p-%j' -H hold
        lpresume command = lp -i '%p-%j' -H resume
        queuepause command = disable '%p'
        queueresume command = enable '%p'

[audio]
        path = /tank/media/Audio
        comment = Audio Files
        write list = sound, @"Domain Admins", @"Associate
Admins"
        force user = data
        force group = other
        read only = Yes


Thanks!
--Jason

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jason M. Kusar wrote:
> Hi all,
> 
> I'm trying to set up a share that is readable by 
> everyone, but writable by only a few.  From
> my understanding, this should work:
> 
> [audio]
>        path = /tank/media/Audio
>        comment = Audio Files
>        write list = sound, @"Domain Admins", @"Associate
Admins"
>        force user = data
>        force group = other
>        read only = Yes
First thing is to fully qualify the domain names.  This has been
a software requirement since 3.0.8 and a hard requirement
since 3.0.23.






cheers, jerry
====================================================================Samba       
------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF9XS2IR7qMdg1EfYRAr0uAJwPSsyw0GqKe/KMRU8lJnJ/Ri7mqACg1EEi
CSL+gVsOqDZ9HYSM6PVMpdA=dW8o
-----END PGP SIGNATURE-----