On Wed, Sep 22, 2010 at 11:44 PM, Grant <[email protected]> wrote:
> > Since you are already doing everything based on AD ... > Have the windows folks make AD security groups for your groups b c d e And > then filter the shares using smb.conf entries like > valid users = @ad\groupB > write list = @ad\groupB > > To make it really convenient for you have the ad team make you an admin for > a small area in AD where you set up and administer your groups using active > directory users and computers on a windows box It was the first thing I tried. Here are some reasons it will not work: 1. For some strange reason, not all the members of set B are capable of being added to these new groups (don't ask me, its windows after all - I am not the AD admin). 2. The response of the admins is rather slow. If someone joins or leaves B, I want to be able to respond faster than the weeks lead time we currently have. So, I guess I am asking if there is something like a samba user whitelist (that I could use in conjunction with denying everyone access by default). Or something equivalent to this. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
