LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Samba Setup Help
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-19-2007, 10:50 AM   #1
carlosinfl
Senior Member
 
Registered: May 2004
Location: Orlando, FL
Distribution: Arch
Posts: 2,905

Rep: Reputation: 77
Samba Setup Help

OK - Let me give a run down of how the SMB server needs to work and you guys can let me know what you think is best or how I should set this up.

I have a file server (RHEL 4.4) that needs to dish out our daily builds to all our developers running Windows XP Pro. Naturally Samba is installed and running fine. There are 2 users on the box besides admin/root. The 2 users have local shell accounts so they don't have any problems accessing the Samba share.

I forgot to mention that I set Samba to authenticate against our Windows DC/AD server. This way if you're logged in to the domain at your own PC and try to map the Samba share, it does not prompt you for any username / password. The problem I have now is I will have 100+ users who will need to read + execute this share path (not write) and I don't want to have to manually create a single user account for each and everyone of the them. That would take way too long and I would have no idea who or how many right now need access.

What would you do? Basically users need to browse this share and download daily builds to their local machines and nothing more.

Thanks for any help!
 
Old 04-19-2007, 11:20 AM   #2
vlad-the-emailer
LQ Newbie
 
Registered: Nov 2005
Posts: 24

Rep: Reputation: 15
If users authenticate against AD
then you should be able to group them on the PDC and map them to UNIX groups on your samba server using "net groupmap" ie:

net groupmap add ntgroup=devusers unixgroup=developers

(replace devusers and developers with your own groups)

If you then set ownership of the folder to developers(or whatever) they'll have access to the share and the UNIX perms will dictate access. You can also use the following to control access via smb.conf:

write list = +\DOMAIN\user +\DOMAIN\group +user

to give the person writing the builds write access to the share and:

read list = +\DOMAIN\user +\DOMAIN\group +user

where + must preceed user and group names that are part of the domain as opposed to local users are are addressed without the +.
Before Samba 3.0.23b (from memory) you used @Group but since then you have to explicitly name the domain in each entry.

You can also set POSIX acls that allow you to expand permissions to more than just a single user, group and others.
Too much to put here but basically go look up net groupmap in the samba docs as well as posix acls.

Hope this helped.

Cheers,

Jools
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
samba setup Chris Sharman SUSE / openSUSE 2 11-02-2006 08:57 AM
SAMBA Setup carlosinfl Debian 4 09-13-2006 12:46 PM
Samba Setup neocontrol Linux - Software 4 07-11-2005 11:06 PM
samba setup tran_colin Linux - Networking 1 10-19-2004 04:28 PM
I need the content from thegoldenear.org/toolbox/unices/samba/samba-setup.html rtg2001 Linux - Networking 1 08-05-2004 05:54 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 04:28 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration