[Samba] Force group syntax for multiple groups
anh.le at cognex.com
Fri Oct 7 06:54:27 MDT 2011
First of all, thank you very much for reply.
I have the situation here. I want to share a directory (vobstor) which has multiple subdirectories. These subdirectories are owned by different groups. How can I setup the correct permission here in samba so that each group can has the correct access to their files? Below are my smb.conf file. With this configuration a few of groups are not able to read the files but they are able to open the shared location and see the files. Any idea would be very appreciated.
By the way, our samba server version is 3.5.11 and it is connecting to Windows 2008 R2 AD. I don't have the problem when the samba server is connecting to the Windows 2003 AD.
workgroup = ENGINEERING
realm = DOMAIN.COM
preferred master = no
server string = Samba %v - %h
security = ADS
encrypt passwords = yes
inherit acls = Yes
nt acl support = yes
inherit permissions = yes
debug level = 0
log file = /var/log/smb.log
winbind enum users = yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nested groups = Yes
winbind separator = +
;template primary group = "Domain Users"
# idmap domains = DOMAIN
idmap config DOMAIN:backend = ad
idmap config DOMAIN:default = yes
idmap config DOMAIN:readonly = yes
idmap config DOMAIN:range = 8000-50000
idmap config DOMAIN:schema = rfc2307
idmap alloc backend = tdb
idmap alloc config:range = 2000-3000
load printers = No
disable spoolss = Yes
printcap name = /dev/null
comment = Vobstor Space
path = /vobstor
read only = No
create mask = 0775
directory mask = 0775
From: Chris Weiss [mailto:cweiss at gmail.com]
Sent: Thursday, October 06, 2011 12:40 PM
To: Le, Anh; samba at lists.samba.org
Subject: Re: [Samba] Force group syntax for multiple groups
On Thu, Oct 6, 2011 at 11:13 AM, Le, Anh <anh.le at cognex.com<mailto:anh.le at cognex.com>> wrote:
> Hi All,
> What is the syntax of option "force group" for multiple groups? Is there any one can help me on this? I really appreciate it. I want to give the permission the shared directory to multiple groups but I don't know what is its syntax.
> I already tried "force group = group1, group2, group3" but it did not work.
this isn't for user group coaxing, it's for plain old POSIX primary permissions. there can only be one primary group.
More information about the samba