[Samba] Suggestions on group permissions

Don Walters donrwalters at gmail.com
Mon Jan 12 15:31:55 GMT 2009

I have a user community of about 2000 users and a samba server running on
AIX that currently hosts a read-only share for the whole company.

    path = /mypath
    guest ok = Yes

But now I have been requested to make this share available as read-only for
some users and completely inaccessible to everyone else.  The number of
users who will have access is probably a few hundred and I expect users to
be added/removed on a daily basis.  Some of the users have unix logins,
while others do not.

Because of this, I hesitate to mess with user mapping because I would have
to manage this every day, unless I do something with a script.

Can someone suggest a scheme I can use to deny everyone except for certain

Someone here in my office suggested we use hosts allow or deny, since the
users who will still have access are located on the same subnet.  However,
there is a distinct possibility that a small number of people on a few other
subnets will need access.  Is there a way I can specify hosts allow but
still allow specific users from other subnets?

Forgive me if this question has been asked before.  I'm sure it must have
been, but I am having trouble doing a search of the archives that will give
me advice about this particular problem.

Thanks in advance.

More information about the samba mailing list