> I can answer part of that - meaning, the part about the ACLs. > > An ACL simply contains entries that controls access to objects (files, > folders, etc.). These entries will specify a user (or group of users) that > can access a particular object - as well as the type of access that is > allowed. > > When a user logs onto a MS domain, an access token is created that "holds" > the users credentials. When a user tries to access an object, the > credentials in the token are compared with the info in the ACL. If there's > a match, the user is granted access to that particular object. > > As far as SAMBA is concerned, I'm afraid that's still alien territory for > me.
In Samba the administrator can control who has access (and the kind of access) to particular shares - there are examples in the sample configuration file. I don't know of a way to provide different access to components of a share though (analagous to the RACF GRANT command) or for users to control it. -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: mail delivered to me is deemed to be intended for me, for my disposition.
