Web lists-archives.com

Re: [Samba] I have issue in configuring file servers with AD integration.

> On Mon, 21 Jan 2019 15:53:47 +0530
> venkat ramu <ramut123@xxxxxxxxx> wrote:

I have rewritten your shares.

 path = /srv/samba/test/inherit
 valid users = "SBX\Inherit-Group"
 invalid users = "SBX\Test-Group"
 read only = No

 comment = inherit1
 path = /srv/samba/test/inherit1
 valid users = "SBX\Inherit-Group"
 read only = No

The first share 'inherit' only allows the members of the AD group
'Inherit-Group' to connect, but if a user is also a member of
'Test-Group', they will not be allowed access.

The second share is similar, except it doesn't have any invalid users.

There is however another possible problem, even if Samba allows access,
the underlying OS might not. The directory '/srv/samba/test/inherit1'
will have to belong to 'root:Inherit-Group' with 'rwx' permissions for
the group.

Your users will also have to be able access each directory in the
shares path

All of the above is a lot easier if you set the permissions
from Windows.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba