[Samba] Complex [homes] rule

Adam Tauno Williams awilliam at whitemice.org
Tue Mar 10 18:26:43 GMT 2009

On Tue, 2009-03-10 at 18:10 +0000, David Markey wrote:
> No..
> I want only postgrad group to have access but I dont want them to access
> anyone elses home directory as discussed previously(using the valid users =
> %D%w%S).
> In other words i need some kind of AND statement.
> i.e. valid users = @DOMAIN\postgrads AND %D%w%S

Have you actually tried -

        comment = Home Directory
        path = %D%U
	valid users = @postgrads

I think it will do what you want.  The path expands to the value of %D%U
and the user doesn't have anyway around that.  Therefore @postgrads
would be the only one's with access to %D%U but %D%U expands
specifically to the user's DOMAINlogin.  They won't have access to
anyone else's shares unless they do so by some other means.

OpenGroupware developer: awilliam at whitemice.org
OpenGroupare & Cyrus IMAPd documenation @

More information about the samba mailing list