[Samba] Is there a simple way to let particular windows users have
read/write on ALL samba shares?
john
lists.john at gmail.com
Fri Sep 7 23:16:25 GMT 2007
Hi all,
I have a samba server that provides storage for student users.
Teachers want to be able to see and copy files from one student
directory to another, but students should not be able to see and copy
files from other students. I thought defining my teachers as "admin
users" would do the trick but it didn't. What is the most rational way
to do this?
My SAMBA Server is joined to AD via winbind.
Relevant portions of smb.conf is below
Many thanks for any help someone might provide!
John
security = ads
realm = VANGUARD
server string = studentserv
password server = 10.114.5.50
workgroup = VANGUARD
# winbind separator = +
idmap backend = idmap_rid:VANGUARD=10000-200000
idmap uid = 10000-200000
idmap gid = 10000-200000
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
log level = 5
template homedir = /home/%D/%U
#template homedir = /home/%G/%U
template shell = /bin/bash
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
allow trusted domains = no
winbind use default domain = yes
restrict anonymous = 2
domain master = no
local master = no
preferred master = no
os level = 0
#======================= Share Definitions =======================
# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user's home directory as \\server\username
#[homes]
# comment = Home Directories
# browseable = no
[ALLSTUDENTS]
path = /home/ALLSTUDENTS
# valid users = %S
readonly = no
writable = yes
printable = no
create mode = 0700
directory mode = 0700
admin users = @"VANGUARD\domain admins" @"VANGUARD\mcmcomputer admins"
vfs objects = recycle
recycle: config-files = /etc/samba/samba-recycle.conf
More information about the samba
mailing list