you shouldn't need to force a group in the homes share, and using
"fore group" in another share shouldn't affect the homes share at all.
I guess the effect of locking out your users from their homes in
your first attempt with "force group" resulted from samba missbehaving with the @ sign in your groupnames.
Christoph
Mario Gamito schrieb:
Hi Christoph,
Thank you for your answer.
ok, i did that. i suppose that now, assignin the user's primary group as their own, they also can access their homes, right ?
Warm Regards, M�rio Gamito
On Tue, 2004-07-20 at 10:43, Christoph Scheeder wrote:
Hi,
your first attempt with using "force group" is correct, but your syntax is not.
for "force group" you have to omit the '@' sign. it only takes the name of the group.
for example :
force group = f
at least thats the way it works for me .... ;-) Christoph
Mario Gamito schrieb:
Hi,
First of all, my apologies for the extension of this message, but it is needeed for you to undertand my problem.
Straight to the point: i have this domain in my company running in Samba 3.0.2
My users are: hcoelho, jardim, gamito, yesenia, smatias, fqueiros, faugusto, vamaro, peixinho, aragao, dina, pinho.
I have this shares with the users that can access them and the
correponding Linux groups:
[DAT]: hcoelho, jardim, fqueiros, gamito, faugusto => Linux group A [DID]: hcoelho, jardim, gamito, faugusto, peixinho, aragao, vamaro => Linux group B [DGM]: hcoelho, jardim, smatias => Linux group C [SAD]: hcoelho, jardi, yesenia => Linux group D [NTL]: Everybody => Linux group E [arquivo]: everybody [backups]: jardim, gamito, filipe => Linux group G [biblioteca]: everybody [desenvolvimento]: jardim, gamito, faugusto
user's groups: coelho : d hcoelho a b c e f g jardim : d jardim a b c e f g h gamito : gamito a b e f g h (etc...)
Besides these shares, there are the homes also.
Problems:
If hcoelho, for instance, copies a file to share [SAD], yesenia can't open it (and it should, as above), because it is copied with group A.
I've already used "force group" in smb.conf, but then, my users can't access their homes.
Following my signature is my smb.conf
Any help would be appreciated.
Warm Regards, M�rio Gamito
smb.conf:
------------------------------
######################################
# #
# smb.conf : criado por M�rio Gamito #
# Data: 21/06/04 #
# #
######################################
[global] workgroup = NETUAL netbios name = bateira server string = Beatrix Kiddo
# scripts para alterar o /etc/passwd quando o utilizador muda a password no Windows passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #username map = /etc/samba/smbusers
unix password sync = Yes log level = 2 log file = /etc/samba/individual/%m.log name resolve order = wins lmhosts host time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No #oplocks = No
add user script = /usr/sbin/useradd -n -g domainusers -G domainguests -d /dev/null -s /bin/false -M %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/adduser -n -g domainmachines -c Machine -d /dev/null -s /bin/false %u
smb passwd file = /etc/samba/passwd
logon script = netualinit.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes message command = echo obrigado | smbclient -M %f panic action = echo Isto � uma mensagem autom�tica: O servidor crashou. Contacte o M�rio Gamito | smbclient -M shuttle host msdfs = Yes admin users = domainroot hosts allow = 10.10.1., 10.10.2. hosts deny = ALL hide files = /.bash_profile/.bash_logout/.bashrc/.gtkrc/.kde/.zshrc/
[homes] comment = Home Directories read only = No browseable = No create mask = 0600 directory mask = 0700
[Profiles] comment = Windows profiles para os utilizadores que carregam as suas prefer�ncias a partir do servidor. path = /etc/samba/profiles browseable = No read only = No create mask = 0600 directory mask = 0700
[netlogon] comment = Network Logon Service path = /etc/samba/netlogon browseable = No writeable = No browseable = No
[arquivo] comment = pasta de arquivo path = /home/arquivo/ writeable = Yes browseable = Yes create mask = 660 directory mask = 777 #force group = @f
[SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d
[DAT] comment = pasta da DAT path = /home/DAT writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @a
[DID] comment = pasta da DID path = /home/DID writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @b
[DGM] comment = pasta da DGM path = /home/DGM writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @c
[SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d
[backups] comment = pasta de backups path = /home/backups writeable = Yes browseable = Yes create mask = 666 directory mask = 770 #force group = @g
[biblioteca] comment = pasta da biblioteca path = /home/biblioteca writeable = Yes browseable = Yes create mask = 666 directory mask = 777 #force group = @f
[desenvolvimento] comment = pasta do devel team path = /home/desenvolvimento writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @h
[publico] comment = pasta publica path = /home/publico writeable = Yes browseable = Yes create mask = 666 directory mask = 777 #force group = @f
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
