I need to Share a Linux file system with Windows 2000 clients and the file system needs to
support complete Microsoft-based file level security. In other words, I should be able to assign
different access rights to multiple users and groups. Typically what you will do on a NT/2000
server by "right click / security and add user and his access rights". How do I do this on Samba
3.0?
I
Requires Free Membership to View
When you register, my team of editors will also send you resources covering Linux administration and management; integration and interoperability between Linux, Windows and Unix; securing Linux and mixed-platform environments; and migrating to Linux.
Margie Semilof, Editorial Director
suggest you refer to "The Official Samba-3 HOWTO and Reference Guide," ISBN: 0131453556,
available from Amazon.Com. Chapter 12, "File, Directory and Share Access Controls".
Additionally, you might refer to Chapter 2, "Fast Start: Cure for Impatience" of the same book. This provides several worked examples for how to control access to Samba shared resources.
In short:
- Just as in Windows NT4/200x you can set ACLs on a share. This is done from the Windows NT4/200x/XP workstation logged in with domain administrative rights.
- You can use UNIX file system permissions to control such access.
- You can use share definition control to limit or enable access to files and directories from the root of the share
- Providing the UNIX/Linux file system supports ACLs (and ACL support has been comiled into Samba) you can use Windows ACLs to set POSIX ACLs on file system objects (files and directories).
This was first published in November 2003