[Samba] Sharing Samba share with Domain User Access

Mark Foley mfoley at novatec-inc.com
Sun Apr 28 01:12:51 UTC 2024


I have a new Linux Domain member on a Samba DC (4.18.9). I want this member to
be a file server, and I want all members of the "Domain Users" group to have
g+rw access to all the files and diretories in that share.

I also want local non-domain users to have access to these files and folders.

I'm a bit perplexed has to how to configure this. In smb.conf I'm guessing:

--------------------
[public]
comment = OHPRS main file and document repository
path = /mnt/RAID/public

force group = "Domain Users"
# and possibly:
force create mode = 0660
---------------------

Yes? 

For non-domain users, I could always make all files/directory o-rw, but if I
wanted to limit that to e.g. user joe, is there something I could configure? In
smb.conf? In /etc/group?

On the DC, the users' group is 100:

# getent passwd "HPRS\\mark"
HPRS\mark:*:3000023:100:Mark Foley:/home/HPRS/mark:/bin/false

So for "joe" could I just add the following to /etc/group:

users:x:100:joe

A wrinkle with that is getent on the domain member has a different group:

# getent passwd HPRS\\mark
HPRS\mark:*:11105:10513:Mark Foley:/home/mark:/bin/bash

Why would that be? Why wouldn't the domain member have the same user/group as
the Domain Controller? In any case, I supposed if I were to use /etc/group I'd
use whatever group getent on that host shows.


Thanks --Mark




More information about the samba mailing list