KKJensen
25th January 2007, 11:02 PM
Hi there everyone,
I've got a small samba machine started up with winbind (& friends) authenticating on a windoze2k active directory server. I've been reading about ACL and how it can allow windows users to manage permissions via samba.
All my domain users are part of the default domain "Domain Users"...and some are also part of the group "mgmt" but everyone's default group is "Domain Users".
When creating files/directories on the samba share, the permissions assigned are always rwxr--r-- <owner> Domain Users
I have 2 questions:
1. Can the default permissions be changed? I would REALLY prefer rwxrwx--- as the default.
2. The "mgmt" group cannot change any of their files or directories to "mgmt" instead of the default "Domain Users". "D'U'" needs to be the default as we work more as a team than separate but certain directories need to be locked down. As root I can chgrp the directory but it would VERY useful if we could do this somehow from windows without having to log in as root all the time (read: come bug me all the time) It also seems a bit weird that the domain users all have "Domain Users" as the default and the button to change it is greyed out...I don't have much choice if this is how windoze is going to play. Can anyone remember WAY back when they were primarily a win-admin how to un-grey this box?
I've got a small samba machine started up with winbind (& friends) authenticating on a windoze2k active directory server. I've been reading about ACL and how it can allow windows users to manage permissions via samba.
All my domain users are part of the default domain "Domain Users"...and some are also part of the group "mgmt" but everyone's default group is "Domain Users".
When creating files/directories on the samba share, the permissions assigned are always rwxr--r-- <owner> Domain Users
I have 2 questions:
1. Can the default permissions be changed? I would REALLY prefer rwxrwx--- as the default.
2. The "mgmt" group cannot change any of their files or directories to "mgmt" instead of the default "Domain Users". "D'U'" needs to be the default as we work more as a team than separate but certain directories need to be locked down. As root I can chgrp the directory but it would VERY useful if we could do this somehow from windows without having to log in as root all the time (read: come bug me all the time) It also seems a bit weird that the domain users all have "Domain Users" as the default and the button to change it is greyed out...I don't have much choice if this is how windoze is going to play. Can anyone remember WAY back when they were primarily a win-admin how to un-grey this box?
