[Samba] Help needed: valid users

Chris Osicki osk at admin.swisscom-mobile.ch
Wed Sep 16 13:24:10 MDT 2009


I'm using Samba 3.0.33 on Solaris10 and have the following problem.
In the smb.conf I have 

    workgroup = CORPROOT
    security = domain

and users authenticated to CORPROOT domain can connect shares
w/o problems, [homes] for example.
Now I would like to create a share and restrict access to it just 
to a dozen of users or so.

I tried 
  valid users = +docs
  force user = usodocs

where docs is a group in /etc/group and it didn't work.
Looks like Samba is trying to look up the group docs on the domain
controller in the CORPROOT domain.

So, I tried this

  valid users = CORPROOT\user
  force user = usodocs

it works. 
According to man page 
   valid users = +docs
should work.
I must be missing something, but what?

Is there any better/nicer way to achieve what I'm looking for?
That is, to give a group of users full control over content of 
a share.
I have several Linux Samba servers where I use POSIX ACLs to control
read/write rights on the OS level and it works fine. 

I tried the same on the Solaris10 box with ZFS and its ACLs and it
didn't work as expected (posted about it few weeks ago, no answers though)

I would be very thankful for any help.

BTW, anyone any idea how to attract attention to a post on this list?
Virtual beer as attachment? ;-)
My success rate is by now close to nothing.

Thanks for your time.


Chris Osicki osk at osk.ch
Dipl. Informatik-Ing. HTL

More information about the samba mailing list