Hi all!
Samba security has always confused me so I am need of some expertise.

We used to setup our servers to run as root which I know is a BAD idea. But being of a lower skill set it was just easier. Now I am setting up our servers to run as a user and not root.

I have just setup a RHEL6 server with the samba 3.5.

I want to setup a share that is accessible for administrators only...which basically gives us access to the entire directory structure with R/W privileges similar to root.

I have setup a group called "admins" and added 3 administrators to that group. In the past running the server as root we had no issues with the below config. Now running the server as a user it is not working.

How can I setup samba to give our admins full access like we had before?

Any help would be greatly appreciated!!!

[rootdir]
comment = root
path = /
writeable = yes
valid users = @admins
admin users = @admins
browseable = no

Thanks!

Hi,

as you mentioned yourself its a bad idea to do so. You have a good chance of "being killed by friendly fire".
Think about something like http://winscp.net/ if you want to access your files from windows,
or use Putty to do things by ssh.
The problem is not only an administrator with "low skill" (why is that guy an administrator?) but you are also asking for windows problems/exploits to hop on your RHEL6.
Ask yourself:
What could a low skilled administrator do by cut, copy or paste in wrong folder or file?
BTW even a defective mouse could do that.
What could a Trojan horse or virus do?

If still want to do so look if /etc/samba/smb.conf file has a line like:
But again know that it is dangerous to remove or comment that.
A good advice: Do Backups at least daily!

Hi,
invalid users = root is not in my smb.conf. and we do take daily backups! ;-)

Anything else I can do?

Pray. ;-)

I figured it out!

Thanks....I guess.... ;-)

Amen. ;-)