[Samba] Samba / ACL / File System Permissions Active Directory & winbind

Keith Sudbury keith at netzensolutions.com
Wed Jul 30 22:17:10 GMT 2008

Hi Guys,

I have a windows 2003 SBS handling domain logins, I also have an Ubuntu 
machine being used as a file server this is using winbind and is on the 
domain I can chown dirs etc with Active Directory users.

However I have the following problem, I need to allow certain users to 
access some dirs and not others... for example.

"folder1" would need to be accessed by "user1" "user2" and "user3"

Now my understanding of this would be to add users 1,2 & 3 to a group 
say for example "group1" then chown folder1 with that group?

"chown -R :"DOMAIN\Domain Users" folder1"

Thats fine but then when user 1,2 or 3 access folder1 and write to the 
folder and there primary group is "Domain Users" for example it will 
make it unreadable for other users?

I could force it to take permissions from the parent directory using 
sticky bit? but what if the users creates a dir and then another dir 
would it still take its permissions from its parent directory then?

It must be fairly common to want to set a bunch of users that are not in 
the same primary group access to one dir that no other users can access?

If any one has any ideas / feedback at all on how they have done this it 
would be great as im melting my brain thinking a way around this if im 

Many Thanks

Keith Sudbury
Netzen Solution Ltd
Suite 5, Piccadilly House, London Rd, Bath, BA1 6PL, UK
Mobile: +44 (0)7921464106
Tel: +44 (0)1225 588 588
Fax: +44 (0)1225 580 061

More information about the samba mailing list