I figured out that "force group" works a little bit different as expected.
Adding a + before the group did the job. force group = +@MYDOMAIN\develop Sorry for wasting your time. Daniel -----Ursprüngliche Nachricht----- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Zabel, Daniel Gesendet: Dienstag, 25. Oktober 2011 11:44 An: samba@lists.samba.org Betreff: [Samba] Permisson issue - unix permissions ignored Hi, I have a share "dev". This share should be readable by all domain users. Beneath this share, there is a folder "source " which should only accessibly by developers. This folder has unix permissions set to 770 (recursive) , owner is user "build" and group is "develop". Share setup is: [dev] comment = Dev path = /export/dev valid users = @MYDOMAIN\domain-users force group = @MYDOMAIN\develop browseable = yes read only = no create mask = 0664 directory mask = 0775 access based share enum = yes security in smb.conf is set to "security = ads". If I connect to this share by a user that is member in "domain-user" and NOT in "develop" I can read all files - also all files beneath "source". Trying the same on a unix console with the user gives a "Permissions denied" like expected. Why did samba ignores the unix file permissions on folder "source" ? What setting could be wrong? Cheers, Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba