[Samba] samba and active directory groups

Damien Dye damien.j.dye at googlemail.com
Sat May 1 11:01:12 MDT 2010 

humm

am assuming that you want a share that is dynamic and that the group
is defined by the primary unix group of the user


if so try adding a share like this.

[group]
comment = my group folder %g
path = /path/to/folder/%g
browseable = yes
writable = yes


--
Damien Dye BSC(hon)



On 29 April 2010 23:55, Tharanga Abeyseela (RGA)
<tharanga.abeyseela at rexelga.com.au> wrote:
>
> Hi list,
>
> I have successfully authenticated active directory users with samba. Now I need to create some Active directory security groups and authenticate and redirect those users to a specific directory.
> Ex:
> IT_GROUP -  user x , user y
> FIN_group - user a, user b
>
> If the user x , access the samba server, that user will be redirected to the specific directory (that's in the samba stanza).
>
> This is my  smb.conf
>
> [global]
> workgroup = xxx
> realm = xxx.COM
> preferred master = no
> server string = Samba file and print server
> security = ADS
> encrypt passwords = yes
> password server = *
> log level = 3
> log file = /var/log/samba/%m
> max log size = 50
> winbind separator = +
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> auth methods = winbind
> printcap name = cups
> printing = cups
>
> [homes]
> comment = Home Directories
> path = /home/IT
> browseable = no
> writable = yes
> inherit acls = yes
> inherit permissions = yes
> #valid users = @"ADGROUP+domain users"
> valid users = @"ADGROUP+domain test_access1"
> #create mode = 0664
> #directory mode = 0775
>
> [IT]
> comment = Home Directories
> path = /home/IT
> browseable = no
> writable = yes
> #valid users = @"ADGROUP+domain users"
> directory mode = 0775
> valid users = @"ADGROUP+domain test_access2"
> write list = @"ADGROUP+domain test_access2"
> read list = @"ADGROUP+domain test_access2"
>
>
> If someone try to access the samba server (\\sambaserver<file:///\\sambaserver>)  it will  create "ADusername" directory on the server. (user Mary access the server it will create a directory named mary automatically ) I need to redirect them to a specific directory based on the Active directory group access .
>
> Can someone help to me solve the issue.
>
> Thanks,
> Tharanga
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list