samba-users May 2010 archive
Main Archive Page > Month Archives  > samba-users archives
samba-users: Re: [Samba] samba and active directory groups

Re: [Samba] samba and active directory groups

From: Damien Dye <damien.j.dye_at_nospam>
Date: Sat May 01 2010 - 17:01:12 GMT
To: "Tharanga Abeyseela (RGA)" <tharanga.abeyseela@rexelga.com.au>

humm

am assuming that you want a share that is dynamic and that the group
is defined by the primary unix group of the user

if so try adding a share like this.

[group]
comment = my group folder %g
path = /path/to/folder/%g
browseable = yes
writable = yes

-- Damien Dye BSC(hon) On 29 April 2010 23:55, Tharanga Abeyseela (RGA) <tharanga.abeyseela@rexelga.com.au> wrote: > > Hi list, > > I have successfully authenticated active directory users with samba. Now I need to create some Active directory security groups and authenticate and redirect those users to a specific directory. > Ex: > IT_GROUP - user x , user y > FIN_group - user a, user b > > If the user x , access the samba server, that user will be redirected to the specific directory (that's in the samba stanza). > > This is my smb.conf > > [global] > workgroup = xxx > realm = xxx.COM > preferred master = no > server string = Samba file and print server > security = ADS > encrypt passwords = yes > password server = * > log level = 3 > log file = /var/log/samba/%m > max log size = 50 > winbind separator = + > idmap uid = 10000-20000 > idmap gid = 10000-20000 > winbind enum users = yes > winbind enum groups = yes > auth methods = winbind > printcap name = cups > printing = cups > > [homes] > comment = Home Directories > path = /home/IT > browseable = no > writable = yes > inherit acls = yes > inherit permissions = yes > #valid users = @"ADGROUP+domain users" > valid users = @"ADGROUP+domain test_access1" > #create mode = 0664 > #directory mode = 0775 > > [IT] > comment = Home Directories > path = /home/IT > browseable = no > writable = yes > #valid users = @"ADGROUP+domain users" > directory mode = 0775 > valid users = @"ADGROUP+domain test_access2" > write list = @"ADGROUP+domain test_access2" > read list = @"ADGROUP+domain test_access2" > > > If someone try to access the samba server (\\sambaserver<file:///\\sambaserver>) it will create "ADusername" directory on the server. (user Mary access the server it will create a directory named mary automatically ) I need to redirect them to a specific directory based on the Active directory group access . > > Can someone help to me solve the issue. > > Thanks, > Tharanga > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba