[Samba] (no subject)

[SABINE ZARABIAN]

Thomas Kreft wrote:

>I have a rather complex access setup for my users home-directories. This is
>because
>a) All users have to be able to read other users files (minus some private
>folders)
>b) Some users additionally have write access to specific (not: all!)
>home-directories
>
>So a user Joe also has a group called 'Joe' with members Joe, Tim and Kate.
>Hence,  Joe, Tim and Kate may write to /home/joe. I do this by editing
>smb.conf as follows:
>
>	[homes]
>        valid users = @users
>        write list = @%g
>        browseable = No
>        create mask = 0660
>        directory mask = 0770
>
>Now the question is: How do I provide the users with an easy way to access
>the various 'homes', ie. via a mapped network drive, and STILL preserve the
>'write list' option of the smb.conf?
>
>Of course, the users could type "\\SERVERNAME" into their windows explorer,
>or browse through the network neighbourhood everytime, but this is rather
>inconvenient.
>
>Or I could create a share with symlinks to all the home folders, but this
>would deprive me of the individual 'write list' access control.
>
>Hope I could make myself clear! Any ideas are highly appreciated, I'm
>completely lost.
>
>Thomas
>
>  
>
Hallo Thomas,
I would solve your problem this way:
I would create home folders like you have done /home/joe , /home/tim ...
I would create group folders like /group/joe, /group/...

in smb.conf :
 [homes]
comment = private
browseable = yes
create mask = 0700
directory mask = 0700
public = no
writeable = yes

[group]
comment = group directory
path = /group/%g
create mask = 0770
directory mask = 0770
force directory mode = 0770
force create mode = 0770
public = no
writeable = yes

in logon.bat:
net use x: \\server\homes
net use y: \\server\group

In this way, data in x:\  are private f.e. joe,
data in y:\ are readable and writeable for the  whole group f. e. joe, 
tim and kate.

Sabine
 


-- 
Sabine Zarabian

Universität Bielefeld
Fakultät für Biologie
0521 - 106 5567