[Samba] Re: read and write list
mperkins at lbmc.com
Wed Mar 17 16:44:50 GMT 2004
On Wednesday, March 17, 2004, Igor Kryltsov wrote:
> I can not find information how to configure a share to allow everyone
> read access and users of specific NT group write access.
> smb.conf looks like: [global]
> log level = 2
> syslog = 2
> workgroup = AMITY
> netbios name = AMITYDEVEL
> guest account = nobody
> security = server
> password server = AMDATA
> hosts allow = 10.
> local master = yes
> socket options = TCP_NODELAY
> writable = yes
> guest ok = yes
Take these entries out of your global configuration:
writable = yes
guest ok = yes
>2) My share configuration now looks like:
> comment = Web Application AMS Development
> path = /var/ams
> guest ok = Yes
> write list = @"AMITY+Domain Admins"
> write list = @"Domain Admins"
> read only = No
> volume = WEB_APPLICATION_AMS_DEVELOPMENT
>I do not belong to group "Domain Admins" but still can write to share.
Change your share permission to this:
comment = Web Application AMS Development
path = /var/ams
write list = @"AMITY+Domain Admins"
volume = WEB_APPLICATION_AMS_DEVELOPMENT
With this share definition, only members of the Domain Admins group
should be able to write to the directory. For read only users, add <read
list = Group> to the share definition.
More information about the samba