[Samba] Strange occurance when assigning permissions
Good evening, We are assigning permissions to a samba share (see below) via windows. When we apply the changed permissions, the owning user/group looses all access. Has anyone experienced this before? We have another server setup and it works correctly. Thanks. [publicweb] path = /apps/publicweb read only = no browseable = no guest ok = no valid users = @DOMAIN\PubWeb_Editors public = no hide unreadable = yes inherit acls = yes inherit permissions = yes create mask = 6770 force create mode = 6770 security mask = 000 force security mode = 6770 force directory mode = 6770 directory mask = 6770 force create group = libwebuser directory security mask = 000 ; force directory security mode = 770 admin users = @DOMAIN\admins --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba user problem
We are using RHEL release 5.5, Samba version 3.0.33-3.28.el5, and active directory. I have been able to successfully join the domain and have created a share. The problem is that I can only map the share with an ADS username that is the same as a username on the unix server. I still need to use the ADS password so it appears to be connecting to the domain correctly. Has anyone else encountered this issue? --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba user problem
All, As if often the case , I quickly found a typo in my nsswitch file immediately after sending the email. Thanks. From: Poulter, Dale Sent: Sunday, April 04, 2010 3:20 PM To: samba@lists.samba.org Subject: Samba user problem We are using RHEL release 5.5, Samba version 3.0.33-3.28.el5, and active directory. I have been able to successfully join the domain and have created a share. The problem is that I can only map the share with an ADS username that is the same as a username on the unix server. I still need to use the ADS password so it appears to be connecting to the domain correctly. Has anyone else encountered this issue? --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Web share issue
All, We are moving to Solaris for our web server. We have many domain groups who should have access to specific directories owned by the web unix user but not all. We are using acls but this still is not working. Here are our settings smb.conf [webshare] path = /apps/webshare read only = no browseable = no guest ok = no force security mode = 0770 valid users = @VAND\Web_Editors public = no force user=web hide unreadable = yes inherit acls = yes inherit permissions = no create mask = 700 directory mask = 700 hide unreadable = yes admin users = @VAND\serveradmins Directories /apps/webshare --main share, only allowed directories are visible /apps/webshare/test ---only @VAND\all should see and have access /apps/webshare/test2 --- admins should be able to see and edit, others should not even see the directory. Any suggestions? Thanks. --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba directory level security
Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba directory level security
Robert, ACLs may be possible. Do I understand correctly that you only have the one share and you still force the user to be the webserver user? From: Robert LeBlanc [mailto:rob...@leblancnet.us] Sent: Tuesday, October 06, 2009 9:12 AM To: Poulter, Dale Cc: samba@lists.samba.org Subject: Re: [Samba] Samba directory level security Is the use of ACLs a possibility? Iv'e explained to someone yesterday how to use ACLs in Samba with ADS. It works very well for us and we are doing exactly what you want except that we only share out the root (www directory in your instance) and control everything using ACLs. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Tue, Oct 6, 2009 at 7:03 AM, Poulter, Dale dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu wrote: Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba