[Samba] Samba + AD Authentication: Restricting access to shares
Goetz, Patrick G
pgoetz at math.utexas.edu
Tue Jun 11 19:45:51 UTC 2019
Because most of our servers are restricted to specific user groups and
the AD domain covers the entire university, I need to find a way to
limit access to samba shares, preferably using AD security groups; i.e.
I want to do something like:
[EMdata]
comment = TEM Data
path = /EMdata
valid users = @cns-cryo-emusers
guest ok = no
writeable = yes
where cns-cryo-emusers is an AD security group. Has this been
implemented in any version of Samba? Otherwise, is there any way to
limit access when doing AD authentication? We don't have any local
users to limit access to; it's all domain users. The local accounts are
strictly used for administrative purposes.
More information about the samba
mailing list