On Sun, Feb 5, 2012 at 4:04 PM, Chris Smith <[email protected]> wrote: > On Sun, Feb 5, 2012 at 3:12 PM, Nico Kadel-Garcia <[email protected]> wrote: >>>> Share to expose is 'formacao' but I want it to be only writable by two AD >>>> users and read-only for everyone else. >>> >>> Then you would want "read only = yes", yes? >> >> Then the admin users wouldn't be able to write to it, would they? > > The "write list" parameter overrides the "read only" status for those listed. > I'm assuming that the two users listed in "write list = " are the the > two AD users that are desired to be the only ones who can write to the > share.
And you're correct, the man page points this out. I've tried to avoid this particular kind of manipulation ever since I first used Samba (way, way too long ago!!!) because the difference between the permissions management of of specific shares in smb.conf and the underlying POSIX compatible filesystem based permissions were easier to audit, safer and more robust to manage on the fileserver side, rather than being overlaid or overwritten by any mismatched CIFS based ownership. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
