Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've got a Mandrake 8.2 web server running samba. I'm having and interesting problem.
I have joined the mandrake box to our NT4 domain (done on both the NT4 PDC and the mandrake box).
My problem is that I only want two users to have write access (eveyryone else gets read only), but I want to be able to control it via NT users.
I tried putting my user in the write list, but it seems that is for local linux accounts. I tried doing DOMAIN\user in the box, referring to NT4 accounts, but that didn't work either.
Is there a way I can set up samba so all users in the NT4 "webmasters" group have write access, while all other NT4 users have read access?
So far, the only way I can get write access is to set read only to no, but that opens it up for everyone. I don't want that.
I posted a similiar question a couple of weeks ago, I have yet to receive a reply. I'm thinking I will setup the same users and groups on the Linux box that already exist on the W2K server. I have not had time to test this therory, so proceed with caution.
I've found that if I only create matching users on the linux box for those that need access, access is granted. I can then control read and read-write access via "write list" and "read list" with local linux user accounts.
From what I can tell, the password on the local accounts really don't matter. With samba running in DOMAIN security mode, it checks the NT4 PDC to see if the supplied credentials are valid. But it won't let anyone in beyond that point unless there is a local linux account that matches the domain user account credentials.
I also read that there is a project in the works that would extend the "schema" (lack of a better word) of the ext2 file system. You can then embed Windows ACL's in the actual file system. That would give you the granularity of control you need. The local permissions override the Windows ACL permissions.
Anyway, if I'm wrong, I hope someone will let me know.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
