your first attempt with using "force group" is correct, but your syntax is not.
for "force group" you have to omit the '@' sign. it only takes the name of the group.
for example :
force group = f
at least thats the way it works for me .... ;-) Christoph
Mario Gamito schrieb:
Hi,
First of all, my apologies for the extension of this message, but it is needeed for you to undertand my problem.
Straight to the point: i have this domain in my company running in Samba 3.0.2
My users are: hcoelho, jardim, gamito, yesenia, smatias, fqueiros, faugusto, vamaro, peixinho, aragao, dina, pinho.
I have this shares with the users that can access them and the
correponding Linux groups:
[DAT]: hcoelho, jardim, fqueiros, gamito, faugusto => Linux group A [DID]: hcoelho, jardim, gamito, faugusto, peixinho, aragao, vamaro => Linux group B [DGM]: hcoelho, jardim, smatias => Linux group C [SAD]: hcoelho, jardi, yesenia => Linux group D [NTL]: Everybody => Linux group E [arquivo]: everybody [backups]: jardim, gamito, filipe => Linux group G [biblioteca]: everybody [desenvolvimento]: jardim, gamito, faugusto
user's groups: coelho : d hcoelho a b c e f g jardim : d jardim a b c e f g h gamito : gamito a b e f g h (etc...)
Besides these shares, there are the homes also.
Problems:
If hcoelho, for instance, copies a file to share [SAD], yesenia can't open it (and it should, as above), because it is copied with group A.
I've already used "force group" in smb.conf, but then, my users can't access their homes.
Following my signature is my smb.conf
Any help would be appreciated.
Warm Regards, Mário Gamito
smb.conf:
------------------------------
######################################
# #
# smb.conf : criado por Mário Gamito #
# Data: 21/06/04 #
# #
######################################
[global] workgroup = NETUAL netbios name = bateira server string = Beatrix Kiddo
# scripts para alterar o /etc/passwd quando o utilizador muda a password no Windows passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #username map = /etc/samba/smbusers
unix password sync = Yes log level = 2 log file = /etc/samba/individual/%m.log name resolve order = wins lmhosts host time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No #oplocks = No
add user script = /usr/sbin/useradd -n -g domainusers -G domainguests -d /dev/null -s /bin/false -M %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/adduser -n -g domainmachines -c Machine -d /dev/null -s /bin/false %u
smb passwd file = /etc/samba/passwd
logon script = netualinit.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes message command = echo obrigado | smbclient -M %f panic action = echo Isto é uma mensagem automática: O servidor crashou. Contacte o Mário Gamito | smbclient -M shuttle host msdfs = Yes admin users = domainroot hosts allow = 10.10.1., 10.10.2. hosts deny = ALL hide files = /.bash_profile/.bash_logout/.bashrc/.gtkrc/.kde/.zshrc/
[homes] comment = Home Directories read only = No browseable = No create mask = 0600 directory mask = 0700
[Profiles] comment = Windows profiles para os utilizadores que carregam as suas preferências a partir do servidor. path = /etc/samba/profiles browseable = No read only = No create mask = 0600 directory mask = 0700
[netlogon] comment = Network Logon Service path = /etc/samba/netlogon browseable = No writeable = No browseable = No
[arquivo] comment = pasta de arquivo path = /home/arquivo/ writeable = Yes browseable = Yes create mask = 660 directory mask = 777 #force group = @f
[SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d
[DAT] comment = pasta da DAT path = /home/DAT writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @a
[DID] comment = pasta da DID path = /home/DID writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @b
[DGM] comment = pasta da DGM path = /home/DGM writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @c
[SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d
[backups] comment = pasta de backups path = /home/backups writeable = Yes browseable = Yes create mask = 666 directory mask = 770 #force group = @g
[biblioteca] comment = pasta da biblioteca path = /home/biblioteca writeable = Yes browseable = Yes create mask = 666 directory mask = 777 #force group = @f
[desenvolvimento] comment = pasta do devel team path = /home/desenvolvimento writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @h
[publico] comment = pasta publica path = /home/publico writeable = Yes browseable = Yes create mask = 666 directory mask = 777 #force group = @f
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba