[Samba] Allow single sub-folder access on an otherwise prohibited share - why does the solution work?
hartnegg at gmx.de
Thu Jul 6 16:44:49 UTC 2017
Am 04.07.2017 um 15:02 schrieb Ole Traupe via samba:
> I have managed to grant a specific user access to a sub-folder
> (sub-level 3 from the share's entry point, I think) on a Samba 4 share
> he/she is not allowed and not able to access in total/general. I tried 2
> different ways with one of them working. I'd like to discuss why that is.
The correct way to do this is to grant the user only the X right on only
the folders above, and the RX or M right on the folder where user should
icacls dir /grant user:(np)(x)
icacls dir\subdir /grant user:m
The user will not be able to do anything in dir, not even see subdir.
The admin should create a shortcut to subdir, and place that shortcut
somewhere where the user can click on it, for example on the users desktop.
More information about the samba