General :: Samba Shares And File And Folder Permissions - No Access To Others
Jul 13, 2011
i have 3 shares on my samba. i have users - user, manager and boss projects is RW to everyone reference is R to everyone RW to manager and boss Proposals is RW only to boss, no access to others However when boss logs in and creates a directory in projects share, the directory can only be renamed bu users and manager, and directory contents are read only for users and managers, even deletion / rename is denied. How can i make sure that when ever boss creates a directory in projects, it retains base folder permissions and is writable to user this is my samba file... i am using red hat 6.1 with samba 3.5.6 (i think)
I am working as a Linux administrator in a very small data centre with 5 servers with following routine tasks.
1. Managing SAMBA shares and giving user specific access for the shares. 2. Scheduling backup of some mount points with rsycn to store data in remote hard disk 3. User and group administration, with sudo access. 4. Creating and Managing Xen Virtual machines and giving access to other project teams. 5. Automating some tasks with Shell Scripting. 6. Managing FTP server for user uploads.
I have practiced a lot in my home laptop without RHEL training, Cleared RHCE and LPIC1. I want to do some advanced system admin tasks, but do not have option in my current data centre. With Above skills is it possible to get a job ?
I am the IT Manager at a research facility. We have a fairly unique network configuration in order to support all of the different projects we have going on. We have Red Hat, Ubuntu, Windows XP/Vista/7, Windows Servers 2003, Ubuntu servers, Red Hat servers, and even a few Netgear ReadyNAS and Buffalo Terastations. Over the last few years, I have been migrating all of my users and accounts to a single ACL list, which I chose to be a Windows AD 2003 server. 95% of my users work on Windows platforms and just use ssh tunnels to develop on our linux boxes.
However, i ran in to a problem with our Linux boxes not being able to symbolic link on my Windows 2003 file shares. Of course, this is a problem with Windows not supporting symbolic links. I know 2008 does support this feature, but given the economy and the budget restraints, we cannot afford to purchase the updates we would need, so now I am moving all of my shares to a Ubuntu 10.04 server using Samba. I have joined the server to my AD domain successfully, i can login using my AD credentials, and even assign ownership and group permissions using AD users/groups.
Here is my question.
I would like to keep the AD permission schemes intact. I have several shares that contain folders that have individual permission settings. For example, I have a /shared directory that contains about 50 different folders. Some of these folders I allow my users to write data to, some just read, and others I deny access to complete groups and just allow key groups to access (for example, personnel data should only be accessed by the Administrative staff).
Is there a way to make this work?
I can assign uid and gid manually per folder in Samba, but i would like to have the possibility to add multiple users and groups with permissions to folders, which I do not believe can be done with the standard chown commands. Currently, I can see the folder permissions from my Windows box, but when I try to edit the permission settings, it defaults back to full access. So my AD permissions are not being saved.
I have a Natty headless server that I would like to set up shared directories and grant specific users write permissions. I use a Windows 2008 R2 machine with Active Directory for authentication and have created a group GroupWithWriteAccess which I want to have write access to the shared directory. I want all other users to have read only access. I have edited my smb.conf file with the following
The machine is fully setup to work with Windows authentication and I can access shares from the ubuntu machine, it's just sharing local directories with the correct permissions that I can't work out. So far I can access the files from my other machine, but I do not have write access even though I am logged on as a user who is a member of GroupWithWriteAccess.
I've been running a Samba server under RedHat 8 for five years without a hiccup. I want to cut over to a F10 box but cannot get shares accessible. smbclient attempts fail over NT password error. SELinux is disabled. Server is visible on the network. Users require no password access to shared data.
# Samba config file created using SWAT # from UNKNOWN (>) # Date: 2009/06/12 14:15:15
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
I have been having off and on issues with my samba file shares. I am sharing a NTFS formated hard drive where the mount point is in my home directory, as well as a printer connected via USB. I am to the point where printing works (using it as an ipp print share, samba is configured for it, but I don't know if it works or not), and I can access the shared folder from Windows, but I can't access the shared folder from any Ubuntu machine. I get the error:
I have had server running for over a year and have run into my first major issue. I am no longer able to browse to the server by hostname or IP and view all available Samba shares. I receive a windows popup informing me I do not have permissions However I am still able to browse to the shares themselves \hostnameshare.I am currently assuming this is an issue with the config of the samba share module/
I can't access some folders on my samba share. For example I set the Video folder to share and to allow creating or moving files. But inside the video folder I cant access some folders. This only happened after I upgraded my samba client.
find that i cant access from my ubuntu box (desktop), now running 11.04 (i was able to access yesterday, when i tested the config). I CAN access from my XP and Win7 virtualboxes.and also from another win7 on the house.. So server is working good aparently.This is all i modified from the default config file:
Code: ####### Authentication ####### # "security = user" is always a good idea. This will require a Unix account
First off a little history of me lol. I'm not completely a Linux noobie, but I'm not the most advanced user either. With that said I have a few interesting problems with Samba.First off I can see the NetBios name under Windows Networking (Windows 7), however everytime I try to connect to it I get an Access Denied and/or "Incorrect Password/Username" error. I have gone into secpol.msc and changed the values that other posts have suggested. Both the server and the workstation are located under the same group, and I have used the smbpasswd -a <username>. The server is not configured to be a Primary Domain Controller so.. I'm lost. Infact my brain hurts from 3 days of this. I have posted my SMB.CONF file to see if that helps. Hum.. Maybe I'm just trying to access a file share that isn't there..
I'm evaluating OpenSUSE and have installed 11.3 with Gnome (from the latest liveCD) and have it all running fine in a VM at the moment. We are looking at using it for an iSCSI/NFS/Samba server and have it allrunning and it is all configurable from Yast. However I can't seem to get Nautilus to play ball and allow sharing of Samba/NFS shares under folder properties (I'm fairly positive I've done this fine in Ubuntu). All I ever get is Usershare/Gnome sharing (which I believe is Webdav).
I must say I am so impressed with OpenSUSE, the partition manager is just a dream to use and everything works really well it would just be really nice to be able to share NFS/Samaba shares from the file manager. There doesn't seem to be any other file managers in the repositories so I'm a bit stuck now.
it's driving me nuts. Done a few things now, including this last: [URL]that didn't work. All the other comps in the house are windows 7, and I want this box to be my file server, with two 1 TB HDD plugged into it via USB, but I can't get the damn samba to allow access to everyone. Here's the path in the config file:
[data] comment = Test sharing path = /media/Shared
I recently upgraded my ubuntu samba fileserver to 10.04 along with increasing the size of my RAID 1 /home directory.I am using the same smb.conf file setup I have used on intrepid ibis setup and hardy heron setup before that.On my new setup, I can see the ubuntu server on my windows 7 machines, but I can't see the shares and can't access them.In checking the logs (/var/log/samba), one log continues to look for a printer share from one Windows machine that I have not set up on samba yet.
I have found a few people who have reported similar problems online, even a few who have filed bugs, but then they say "my computer started working suddenly. I don't know what happened." so they closed the bug. or "my computer started working after I rebooted my machine." I have rebooted all machines on the network. That doesn't fix it.
I recently switched from centos to fedora as my server choice. Probably not the best decision but I like trying new things. Now before I switched I had my samba server setup just they way I wanted it. Now I'm having a hard time getting it back to that way. Here is my smb.conf
Code: [global] workgroup = workgroup netbios name = netbios name server string = Linux Server security = user wins support = yes encrypt passwords = Yes domain logons = yes [homes] comment = Home Directories browseable = yes writable = yes valid users = %S
[me] path = /home/me read only = no public = yes create mask = 0777 directory mask = 0777 browseable = yes writable = yes
Now I did throw away my old smb.conf because it wasn't that complicated and I figured I could reproduce it.. aside from that everything is working except for the fact that I can access any share I want to listed without it requesting a password. I have a username and password setup with smbpasswd and I think everything else is setup correctly involving samba shares but I have no idea why it won't request a password.
So I setup the newest Ubuntu on my old desktop on a 30g HD and have 2 200G HDs with a ntfs file system on those two. I got SSH and FTP configured, then went on to setup Samba.I have it (seemingly) set up well. /dev/sb1 gets mounted on /data1 /dev/sc1 gets mounted on /data2.I want anyone connected to my router to be able to see this machine and be able to read and write to both shares.
I configured WINS on my laptop to point to the linux box. and i've seen the pc in question (TECH-PC) in "My Network Places" on both of our laptops.Long story short, I try to connect to my network share and it says i don't have permission and i need to contact my network admin. This computer is the only one with Linux installed, the rest are windows-OS.Let me know if you need more info, pretty stumped here, have searched, read, scrapped my install and started from scratch, maybe i need to sleep on it
I'm using ubuntu server 9.10 for a home build NAS. Everything is working great just have one more thing to figure out. I have Samba set up to access my files and I set up a recycle feature so anything deleted will get moved to a Recycled folder. (I learned this the hard way after hitting delete key by accident while browsing the shares in windows. Lost 100 GB of data)
Now it is for the most part working but the permissions on folders isn't getting set right. If I delete a file in a share I can go to Recycle bin folder and delete the file for good. But if I delete a folder I can not access that folder to delete or restore from the Recycle bin folder. I have to chmod the folder before I can do anything with it. Anything I can change to get folders deleted via windows to have the right permissions when it is moved to the Recycle bin folder?
i have an old desktop that i have decided to use as a central point for localhost/website files. I have 2 laptops, a ubuntu and vista, and i want them both to be able to see the public_html folder on my desktop, and be able to create/update folders and files.
I have set up the samba sharing and that's working fine, but when i create folders using my laptop, they are not writeable to the desktop or other laptop because my laptop is the creator. Is there a way that I can set it so that whenever folders/files are created from either laptop, they have full permissions?
I have a file server setup with samba integrated with swat management. The server isn't a domain controller. The file server is working well with the shares all working correctly except for one problem. I would like the users be able to manage the folder permissions from a windows PC. This can be done from a login as the root user if need be but, the key is that the system be manageable from the windows PC.
I have followed the instructions of multiple how to's but still get and error that access is denied when trying to apply permissions. I am able to search the server for users to add and the names resolve. What are the configurations that I should be looking at where the NT permissions in samba are configured. nt acl support is set to yes and any other acl settings used produce the same result.
I've created a new user for a SSH tunnel only.After login I can access all directories because permissions is set for "Others" to "Access files".Now my question: Is this normal that permissions for Folder access for "Others" is always set to "Access files"?I don't want my SSH tunnel user accessing the directories.
I am traveling to the UK next week, and whilst I am there, I need to be able to access my SAMBA shares hosted on my HOMESERVER, via my laptop in england.
I have tried Hamachi before, which works fine on windows, but the linux version is awful, and hardly works. So I need an alternative. I did a bit of googling, but I don't know what "bridged" means when I found a OpenVPN tutorial
I was wondering if anyone could give me some information as to what I'll need, and what I'll need to do on both my homeserver and my laptop?
I'm trying to learn about permissions on linux webserver with apache.Some clues to the system: The server I have to play around with is Fedora based. Apache runs as apache:apache. To allow for e.g. php to write to a file the file needs to be chmod 777. 755 is not sufficiant.What I'm wondering is basically how set up permissions like they should be on e.g. a "shared web host".My main problem is that if I set a permission so that one user cannot access anothers home folder, then apache can't read from the public_html folder either.
To keep the users out I need to set chmod 700. But to let apache to read I need to have at least execute on world,so a 701 basically works, but won't let some users in.So I'm really stuck on what to do. Have been concidering adding the apache user to the frous grours below to avoid having to add the world execute flag, but is that a bad thing? Should it be the other way around, the users in the groups below should also be in the apache group?I was aiming at having 4 groups:
1. webapp: same as dev_int, but is the only one that can go inside the webapp/live folder to e.g. do an update from the repo.
2. dev_int: can read,write and execute everything in the "web root", including the two below, but nothing outside of the web root
3. dev_ext: can read write and execute in all client folders, but cannot access anything outside of the webapp root
4. clientsBasic ftp accounts. Has a home folder with a public_html, but cannot access any other home folders