[Samba] problems with permissions
Jerry Lowry
jlowry at edt.com
Mon Nov 27 20:14:44 UTC 2017
hi list,
environment:
Windows 2008 Domain
Centos 7 server running samba 4.4.4
Problem:
I am creating a number of samba shares on the Centos server to be used
on the Domain. Right now I have two major directories setup as shares
with minor directories being created.
How do I specify read/write permissions on the minor directories without
having to create a share for each directory? When I specify a domain
group the centos server does not see the group.
The configuration now shows multiple shares but it does not preserve the
read only access in the minor shares.
Here is the config:
[global]
workgroup = Accounting
security = ADS
realm = Accounting.edt.local
log file = /var/log/samba/%m.log
log level = 1
# Default ID mapping configuration for local BUILTIN accounts
# and groups on a domain member. The default (*) domain:
# - must not overlap with any domain ID mapping configuration!
# - must use a read-write-enabled back end, such as tdb.
# - Adding just this is not enough
# - You must set a DOMAIN backend configuration, see below
idmap config * : backend = tdb
idmap config * : range = 1000000-2000000
#
username map = /usr/local/etc/samba/user.map
winbind use default domain = yes
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[custinfo]
path = /cui/admin/Customer Info
comment = Mfg and Purchasing
valid users = tiana bob carol jessica janet lynne
read list = lynne janet jessica
write list = tiana bob carol
writable = yes
browsable = yes
[custorders]
path = /cui/admin/Customer Orders
comment = Mfg and Purchasing
valid users = tiana bob carol jessica janet lynne
read list = lynne janet jessica
write list = tiana bob carol
writable = yes
browsable = yes
[custdandb]
path = /cui/admin/Customer credit reports (D&B)
comment = Mfg and Purchasing
valid users = tiana bob carol jessica janet lynne
write list = lynne janet jessica
read list = tiana bob carol
writable = yes
browsable = yes
[acctcui]
path = /cui/acct
comment = Accounting CUI Directories
valid users = jlowry, lynne, janet, jessica
browsable = yes
read only = No
[admincui]
path = /cui/admin
comment = Accounting CUI Directories
valid users = jlowry lynne janet jessica bob tiana cynthia jill
thuylinh carol wendy tom
browsable = yes
read only = No
--
---------------------------------------------------------------------------
Jerold Lowry
Principal Network/Systems Engineer
Engineering Design Team (EDT), Inc. a HEICO company
3423 NW John Olsen Pl
Hillsboro, Oregon 97124 (U.S.A.)
Phone: 503-690-1234 / 800-435-4320
Fax: 503-690-1243
Web: _www.edt.com <http://www.edt.com/>_
More information about the samba
mailing list