Guest user?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Guest user?

piersk
Hello all,

Am trying to set up a guest account for employees from other offices to
come in the office to login and do stuff.  I want to block access to all
public drives so this is what I've done:

Consider the SAMBA server in Office A and I want to create a guest account
so that people from Office B and C can access.  There is a public drive
that everyone in Office A can edit, and a drive called "Restricted" that
one person in Office A can edit, but everyone else in Office A can access
but not edit.

Created a group called "everyone" and added everyone in Office A to that
group
Created a group called "Restricted" and added the person who's allowed to
edit this drive to that group
Created the following lines in smb.conf file:

[public]
    comment = shared folder
    writeable = yes
    path = /home/samba/public
    write list = @everyone
    guest ok = no
    create mode = 0777
    directory mode = 0777

[signmatters]
        comment = shared folder
        writeable = yes
        path = /home/samba/restricted
        write list = @restricted
        valid users = @everyone @restricted
        guest ok = no
        create mode = 0775
        directory mode = 0775

guest isn't part of either "everyone" or "restricted" groups.  The
permissions of the 2 folders are:

drwxrwx---  3 root everyone   4096 2005-04-27 14:56 public
drwxrwx---  2 root restricted 4096 2005-04-27 14:56 restricted

As it is, guest can't access either drives, everyone in Office A can
access the public drive and edit stuff on there, the person who's allowed
to edit the restricted files can do so, but no-one in Office A is able to
access the restricted files?  How do I set it so that guest can't access
the restricted files, but everyone in Office A can?

Thanks very much for your help in advance

Cheers - Piers

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Reply | Threaded
Open this post in threaded view
|

Re: Guest user?

Tony Earnshaw
ons, 27.04.2005 kl. 15.04 skrev [hidden email]:

> Am trying to set up a guest account for employees from other offices to
> come in the office to login and do stuff.  I want to block access to all
> public drives so this is what I've done:
>
> Consider the SAMBA server in Office A and I want to create a guest account
> so that people from Office B and C can access.  There is a public drive
> that everyone in Office A can edit, and a drive called "Restricted" that
> one person in Office A can edit, but everyone else in Office A can access
> but not edit.

You say nothing of Samba version or platform. I've discovered POSIX ACLs
on Red Hat RHAS3 and Samba 3.0.11, and  the whole shop's gone wild with
joy. Depending on your Samba version, do 'man smb.conf' and search for
'inherit acls'. Maybe something for you.

--Tonni

>
> Created a group called "everyone" and added everyone in Office A to that
> group
> Created a group called "Restricted" and added the person who's allowed to
> edit this drive to that group
> Created the following lines in smb.conf file:
>
> [public]
>     comment = shared folder
>     writeable = yes
>     path = /home/samba/public
>     write list = @everyone
>     guest ok = no
>     create mode = 0777
>     directory mode = 0777
>
> [signmatters]
>         comment = shared folder
>         writeable = yes
>         path = /home/samba/restricted
>         write list = @restricted
>         valid users = @everyone @restricted
>         guest ok = no
>         create mode = 0775
>         directory mode = 0775
>
> guest isn't part of either "everyone" or "restricted" groups.  The
> permissions of the 2 folders are:
>
> drwxrwx---  3 root everyone   4096 2005-04-27 14:56 public
> drwxrwx---  2 root restricted 4096 2005-04-27 14:56 restricted
>
> As it is, guest can't access either drives, everyone in Office A can
> access the public drive and edit stuff on there, the person who's allowed
> to edit the restricted files can do so, but no-one in Office A is able to
> access the restricted files?  How do I set it so that guest can't access
> the restricted files, but everyone in Office A can?
>
> Thanks very much for your help in advance
>
> Cheers - Piers
--
Nothing sucksseeds like a pigeon without a beak ...

mail: [hidden email]
http://www.billy.demon.nl
 
They'll love us, won't they? They feed us, don't they? ...

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba