Folder permissions for samba share in small medical office?
 

I have been using samba running on a debian server for file sharing of patient medical records in my office. The doctor notes are scanned as pdf files and sorted into folders A-Z and then subfolders named patient "lastname_firstname". Most of the folders and files are owned by user "smbguest" from group "smbguest" and have the following permissions "drwxrwsr-x". This must be related to the samba mask settings that where initially set up.

My problem is that once in a while a secretary will accidentally drag one patient's folder into another. Sometimes even a higher level folder like the J_patients folder into the K_patients folder. This causes the folder to essentially disappear to my staff until I can locate it and correct the problem.

I would like to hear some recommendations about how I could alter permissions of the folders, subfolders, and documents to continue to allow the secretaries to scan in new documents but at the same time prevent them from accidentally deleting or moving a patient's folder.

What does your smb.conf file say?

secuity = share will allow everyone to access shares.
Make sure the top level folder of your shared resource is shared, not just the sub folders.

There a lot of config options for the smb.conf

smb.conf
 

Below is my smb.conf file.

[global]
workgroup = IN
netbios name = LARRY
guest account = myguest
security = user
socket options = TCP_NODELAY IPTOS_LOWDELAY
map to guest = bad user

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[public]
comment = Shared User Data
path = /var/export
browseable = Yes
public = Yes
read only = No
guest ok = Yes
force group = myguest
force create mode = 0775
force directory mode = 2775