Craig White wrote: > On Wed, 2006-03-29 at 12:13 -0700, Eric "Shubes" wrote: >> Nathan England wrote: >>> I have a folder called /files >>> everyone has access to this folder, but there are a few folders inside that >>> only a few people are allowed to access. What is the best way to allow >>> everyone access to the /files directory but only allow those required to have >>> access to the specific folders inside? >>> >>> Do I create a seperate share for each specific folder? >>> I want to avoid mapping more drives to the users. Can I change the access >>> permissions on the windows machines? I don't want to make it too confusing. >>> What is the best way? >>> >> I'm not sure of the best way. >> I think I would create a new group for the 'few people', and make them >> members of the group. Then change the groupid of the restricted folders >> to the new group, and turn off 'other' permissisions on said folders. >> Then you can give the share for /files to everyone. >> I'm pretty sure that'll work for you, but I'd test it to be sure. > ---- > this makes sense in that samba understands and respects sgid bits set on > directories but it does sort of depend upon what the share definitions > are to begin with as things like force user/group/directory/create all > have impact. Various settings can have an impact, but it should work nicely using a vanilla (default settings) share. Again, KISS. > Also I think what Mike Schwartz is alluding to, is that samba is also > capable of using EACL's if the underlying file system supports them and > you might be able to use Windows permission tools to set them with the > proper setup of samba as well (nt acl support) > > the official Samba 3 HowTo might be useful here... > > http://samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2578475 Great document and reference. > > Craig > -- -Eric 'shubes' **************************************************** This message has been scanned using Contraxx Technology Group mail server v8.0.3 and is virus free. Message sent from Mail Server 3 **************************************************** --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss