Re: [Samba] Force group syntax for multiple groups
Ex: Let vbstore be a virtual dfs directory (dfsroot) on your samba. For each subdirectory you have to make a share in your smb.conf with the rights you need. In the dfs root (vbstore) make an ln -s msdfs for each share... and you are on. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Le, Anh Gesendet: Freitag, 7. Oktober 2011 14:54 An: Chris Weiss; samba@lists.samba.org Betreff: Re: [Samba] Force group syntax for multiple groups Hi Chris, First of all, thank you very much for reply. I have the situation here. I want to share a directory (vobstor) which has multiple subdirectories. These subdirectories are owned by different groups. How can I setup the correct permission here in samba so that each group can has the correct access to their files? Below are my smb.conf file. With this configuration a few of groups are not able to read the files but they are able to open the shared location and see the files. Any idea would be very appreciated. By the way, our samba server version is 3.5.11 and it is connecting to Windows 2008 R2 AD. I don't have the problem when the samba server is connecting to the Windows 2003 AD. Thanks Anh. [global] workgroup = ENGINEERING realm = DOMAIN.COM preferred master = no server string = Samba %v - %h security = ADS encrypt passwords = yes inherit acls = Yes nt acl support = yes inherit permissions = yes debug level = 0 log file = /var/log/smb.log winbind enum users = yes winbind enum groups = Yes winbind use default domain = Yes winbind nested groups = Yes winbind separator = + ;template primary group = "Domain Users" # idmap domains = DOMAIN idmap config DOMAIN:backend = ad idmap config DOMAIN:default = yes idmap config DOMAIN:readonly = yes idmap config DOMAIN:range = 8000-5 idmap config DOMAIN:schema = rfc2307 idmap alloc backend = tdb idmap alloc config:range = 2000-3000 load printers = No disable spoolss = Yes printcap name = /dev/null [vobstor] comment = Vobstor Space path = /vobstor read only = No create mask = 0775 directory mask = 0775 -Original Message- From: Chris Weiss [mailto:cwe...@gmail.com] Sent: Thursday, October 06, 2011 12:40 PM To: Le, Anh; samba@lists.samba.org Subject: Re: [Samba] Force group syntax for multiple groups On Thu, Oct 6, 2011 at 11:13 AM, Le, Anh mailto:anh...@cognex.com>> wrote: > Hi All, > > What is the syntax of option "force group" for multiple groups? Is there any one can help me on this? I really appreciate it. I want to give the permission the shared directory to multiple groups but I don't know what is its syntax. > > I already tried "force group = group1, group2, group3" but it did not work. > this isn't for user group coaxing, it's for plain old POSIX primary permissions. there can only be one primary group. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
From: "Le, Anh" Date: Fri, 7 Oct 2011 11:38:49 -0400 > What is the samba config if I'm using acls for my shared location > (vobstor in this case)? You need no additional configuration. If your filesystem supports ACL which Samba supports, ACL feature is automatically enabled unless you explicitly disabled with configure option. Of course Samba ACL feature supports EXT3, XFS and other major filesystem. > I believe it simplifies your samba config. Since there is no need to > force anything.. > > John +1 --- TAKAHASHI Motonobu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
Hi John, What is the samba config if I'm using acls for my shared location (vobstor in this case)? Thanks Anh. -Original Message- From: John Drescher [mailto:dresche...@gmail.com] Sent: Friday, October 07, 2011 11:06 AM To: Le, Anh Cc: samba@lists.samba.org Subject: Re: [Samba] Force group syntax for multiple groups On Fri, Oct 7, 2011 at 11:03 AM, Le, Anh wrote: > Hi John, > > I'm not familiar with acls, and I thought it may be more complicated in samba > config if filesystem using acls. Is it true? > I believe it simplifies your samba config. Since there is no need to force anything.. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
On Fri, Oct 7, 2011 at 11:03 AM, Le, Anh wrote: > Hi John, > > I'm not familiar with acls, and I thought it may be more complicated in samba > config if filesystem using acls. Is it true? > I believe it simplifies your samba config. Since there is no need to force anything.. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
Hi John, I'm not familiar with acls, and I thought it may be more complicated in samba config if filesystem using acls. Is it true? Thanks Anh. -Original Message- From: John Drescher [mailto:dresche...@gmail.com] Sent: Friday, October 07, 2011 8:59 AM To: Le, Anh Cc: samba@lists.samba.org Subject: Re: [Samba] Force group syntax for multiple groups > I have the situation here. I want to share a directory (vobstor) which has > multiple subdirectories. These subdirectories are owned by different groups. > How can I setup the correct permission here in samba so that each group can > has the correct access to their files? Below are my smb.conf file. With this > configuration a few of groups are not able to read the files but they are > able to open the shared location and see the files. Any idea would be very > appreciated. > Why don't you set this up on the native filesystem using acls? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
> I have the situation here. I want to share a directory (vobstor) which has > multiple subdirectories. These subdirectories are owned by different groups. > How can I setup the correct permission here in samba so that each group can > has the correct access to their files? Below are my smb.conf file. With this > configuration a few of groups are not able to read the files but they are > able to open the shared location and see the files. Any idea would be very > appreciated. > Why don't you set this up on the native filesystem using acls? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
Hi Chris, First of all, thank you very much for reply. I have the situation here. I want to share a directory (vobstor) which has multiple subdirectories. These subdirectories are owned by different groups. How can I setup the correct permission here in samba so that each group can has the correct access to their files? Below are my smb.conf file. With this configuration a few of groups are not able to read the files but they are able to open the shared location and see the files. Any idea would be very appreciated. By the way, our samba server version is 3.5.11 and it is connecting to Windows 2008 R2 AD. I don't have the problem when the samba server is connecting to the Windows 2003 AD. Thanks Anh. [global] workgroup = ENGINEERING realm = DOMAIN.COM preferred master = no server string = Samba %v - %h security = ADS encrypt passwords = yes inherit acls = Yes nt acl support = yes inherit permissions = yes debug level = 0 log file = /var/log/smb.log winbind enum users = yes winbind enum groups = Yes winbind use default domain = Yes winbind nested groups = Yes winbind separator = + ;template primary group = "Domain Users" # idmap domains = DOMAIN idmap config DOMAIN:backend = ad idmap config DOMAIN:default = yes idmap config DOMAIN:readonly = yes idmap config DOMAIN:range = 8000-5 idmap config DOMAIN:schema = rfc2307 idmap alloc backend = tdb idmap alloc config:range = 2000-3000 load printers = No disable spoolss = Yes printcap name = /dev/null [vobstor] comment = Vobstor Space path = /vobstor read only = No create mask = 0775 directory mask = 0775 -Original Message- From: Chris Weiss [mailto:cwe...@gmail.com] Sent: Thursday, October 06, 2011 12:40 PM To: Le, Anh; samba@lists.samba.org Subject: Re: [Samba] Force group syntax for multiple groups On Thu, Oct 6, 2011 at 11:13 AM, Le, Anh mailto:anh...@cognex.com>> wrote: > Hi All, > > What is the syntax of option "force group" for multiple groups? Is there any > one can help me on this? I really appreciate it. I want to give the > permission the shared directory to multiple groups but I don't know what is > its syntax. > > I already tried "force group = group1, group2, group3" but it did not work. > this isn't for user group coaxing, it's for plain old POSIX primary permissions. there can only be one primary group. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Force group syntax for multiple groups
On Thu, Oct 6, 2011 at 11:13 AM, Le, Anh wrote: > Hi All, > > What is the syntax of option "force group" for multiple groups? Is there any > one can help me on this? I really appreciate it. I want to give the > permission the shared directory to multiple groups but I don't know what is > its syntax. > > I already tried "force group = group1, group2, group3" but it did not work. > this isn't for user group coaxing, it's for plain old POSIX primary permissions. there can only be one primary group. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Force group syntax for multiple groups
Hi All, What is the syntax of option "force group" for multiple groups? Is there any one can help me on this? I really appreciate it. I want to give the permission the shared directory to multiple groups but I don't know what is its syntax. I already tried "force group = group1, group2, group3" but it did not work. Thanks Anh. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
