[Samba] Really confused on Samba and ACL

[J Gao]

Hello,

I am trying to build a Samba standalone server to serve file sharing in 
our office for both Ubuntu and Windows clients. Ubuntu user will use 
mount.cifs to mount the share. Windows (XP/7) will use workgroup to 
access the share.

I am using Samba 3.6.9 on CentOS 6.3 (64bit).

Now I am having problem to setup correct ACL so please help me. Here is 
my situation:

I'll have directories like:
/projects
/projects/US
/projects/US/clientA
/projects/US/clientB
/projects/US/clientB/projectXX
/projects/US/clientB/projectYY
/projects/CA
/projects/MX

Groups:
--staff: all staff
--projectadmin: the bosses (have full access to /projects and sub dirs)
--projmanageus: US regional managers (have full access to /projects/US 
and sub dirs.)
--projmanageca: Canada regional managers(have full access to 
/projects/CA and sub dirs.)
--projmanagemx: Mexico regional managers(have full access to 
/projects/MX and sub dirs.)
--projectXXgroup: (access the projectXX and sub dirs only)
--projectYYgroup: (access the projectYY and sub dirs only)

Here is the confused part:
How many shares should I setup? I like to just setup one share 
"projects" and allow everyone to be able to mount it via cifs. But the 
further navigate (cd) will be controlled by ACL. For example, after 
mount the "projects", user see all 3 sub dirs: US CA MX. But only member 
of projectadmin, projmanageus, projectXXgroup can access 
/projects/US/clientB/projectXX.

I am trying to keep it simple to manage the share and the permission. So 
is the above possible? or I am totally on the wrong direction?

Please help.

Thanks a lot.

Gao



--