Robert, ACLs may be possible. Do I understand correctly that you only have the one share and you still force the user to be the webserver user?
From: Robert LeBlanc [mailto:rob...@leblancnet.us] Sent: Tuesday, October 06, 2009 9:12 AM To: Poulter, Dale Cc: samba@lists.samba.org Subject: Re: [Samba] Samba directory level security Is the use of ACLs a possibility? Iv'e explained to someone yesterday how to use ACLs in Samba with ADS. It works very well for us and we are doing exactly what you want except that we only share out the root (www directory in your instance) and control everything using ACLs. Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University On Tue, Oct 6, 2009 at 7:03 AM, Poulter, Dale <dale.poul...@vanderbilt.edu<mailto:dale.poul...@vanderbilt.edu>> wrote: Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --------------------------------------- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edu<mailto:dale.poul...@vanderbilt.edu><mailto:dale.poul...@vanderbilt.edu<mailto:dale.poul...@vanderbilt.edu>> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba