I have a problem configuring my samba server, Here the current situation, I have a working samba+winbind+krb5+M$AD that was able to share folder to a certain group (svnusers), all accounts that is a member of that group defined on linux system where able to read/write to that folder. Now here is my problem, i have created a second group (QA), this time i want this group to limit thier access to a certain shared folder to read only, meaning members of my second group QA must not be able to modify/create folder or files within the shared folder.
I have a user kalbo that is able to read/write to my shared folder svn: >>> no problem with this
uid=514(kalbo) gid=521(svnusers) groups=521(svnusers),518(svnusers)
I have a user waybuhok that is not able to read to my shared folder svn: >>> this is the BIG PROBLEM how can i make this user able to access (READ ONLY) this shared folder.
uid=514(waybuhok) gid=521(qa) groups=521(qa)
Is there a way to attain my goal here? PANO ang samba config dapat?
here is my smb.conf
[global]
idmap gid = 15000-20000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
auth methods = winbind
interfaces = eth1 lo
encrypt passwords = yes
hosts allow = 192.168.1.0/24 127.
show add printer wizard = No
winbind use default domain = yes
realm = MY.ORG
template shell = /bin/bash
dns proxy = no
template primary group = "Domain Users"
netbios name = c0c05
printing = cups
server string = MikeTestPC
winbind enum users = yes
idmap uid = 15000-20000
password server = acsad6
path = /home/mike
winbind nested groups = yes
template homedir = /home/win/%D/%U
workgroup = MY
[svn]
inherit permissions = yes
writeable = yes
path = /repository
force group = svnusers
force user = kalbo
comment = repository
valid users = kalbo,@svnusers
create mode = 0640
browsable = Yes
Thank you.
--
Mike Calizo
Registered Linux User # 365113
_________________________________________________
Even the longest journey has to start with a small first-step
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List plug@lists.linux.org.ph (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph