ham,[Samba] Creating a group share
Prakash Velayutham
prakash.velayutham at cchmc.org
Wed Nov 14 14:48:59 GMT 2007
To add more info, I am seeing the following in the logs. So I am
guessing authentication is working fine. It is something with regards
to the group membership that is not.
[2007/11/14 09:41:06, 5] auth/auth.c:check_ntlm_password(296)
check_ntlm_password: PAM Account for user [prakash] succeeded
[2007/11/14 09:41:06, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [prakash] ->
[prakash] -> [prakash] succeeded
Thanks,
Prakash
On Nov 14, 2007, at 8:57 AM, Dale Schroeder wrote:
> Prakash,
>
> You have inadvertently combined two parameters. There is no "valid
> write list" parameter.
> You should use
> write list = +WTCCC
> valid users = +WTCCC
>
> It should work after correcting the parameter.
>
> Good luck,
> Dale
>
> Prakash Velayutham wrote:
>>
>> Hello,
>>
>> I have a Samba PDC (3.x) running in a OpenSUSE 10.2 system. The
>> authentication backend is Open LDAP.
>>
>> I want to create a group share (WTCCC) which should be accessible
>> to a group of users (belonging to a group called WTCCC). The users'
>> possess this group as their secondary group (NOT primary).
>>
>> And the share folder would have its gid bit set, so all the writes
>> to the folder would be accessible further by only people belonging
>> to WTCCC. Also I want a default umask of 770 for the shared folder
>> too.
>>
>> Could someone suggest a share configuration that can do these?
>>
>> Currently, I have
>>
>> [JIAGEN1]
>> comment = JIAGEN project share
>> path = /export/newWTCCC
>> valid write list = +WTCCC
>> # acl check permissions = true
>> # acl group control = yes
>> browseable = Yes
>> # read only = No
>> inherit acls = Yes
>> force group = +WTCCC
>> writable = yes
>> create mask = 0660
>> directory mask = 0770
>>
>> But as soon as I change the ownership of /export/newWTCCC to
>> root:WTCCC, the users are not able to access the share. But if I
>> have the force group enabled, everyone is able to access the share
>> (as it forces everyone to belong to the group, which should not be
>> the case).
>>
>> Thanks,
>> Prakash
More information about the samba
mailing list