NT PDC & Samba

Peter Köhler koehler at idas.de
Fri Nov 12 08:24:56 GMT 1999


good to hear the news. I guess from now on you will get along.

Still, some advice on setting unix rights for shares.
>From my point of view it is not desirable to set up shares with
world read/write access - in particular if normal unix logons
(telnet or so) are enabled.

My suggestion is to set up the shares with group read/write access
- i.e. 770 - and create a unix group corresponding to each share
which contains all the users that should have access to that particular
share. This still has the problem that a user may make a file belonging
to him read only and no other group member can make this writable
again. If this is not the desired behaviour then you will have to create
a fake user for each share and use the force user directive to let
samba carry out all file operations under that user.

Best regards

Dr. Peter Koehler +++ IDAS GmbH
Holzheimer Str. 96 +++ D-65549 Limburg +++ Germany
Phone: +49-6431-404-14 +++ Fax: +49-6431-404-10
eMail: koehler at idas.de

----- Original Message -----
From: Mike Westkamper
To: koehler at idas.de
Cc: Multiple recipients of list SAMBA-NTDOM
Sent: Thursday, November 11, 1999 11:49 PM
Subject: Re: NT PDC & Samba

Thanks for your help. I am one step closer. The linux/samba box will allow
me to see the shares if I logged onto the NT domain.  Two steps were
vital... The creation of the entry in the NT domain controller for the linux
box AND logging on to the domain, not onto my system as a local
administrator. This now sounds obvious, however the steps can be trickey.
One problem remains.. the ability to write to the shares.
here is a snip from smb.conf
        path = /public
        read only = No
        guest ok = Yes
What I want to do is to allow all domain users the ability to read/write the
public share.
I have set up the directory as follows...
[root at auxfs /]# dir -l
drwxr-xr-x   2 root     root         2048 Oct 15 15:29 bin
drwxr-xr-x   3 root     root         1024 Oct 15 15:35 boot

More information about the samba-ntdom mailing list