NethServer Version: v7
Module: Shared Folders with AD as the Account Provider
We have 4 users and about 6 Shared Folders setup.
For two folders, 2 users need ReadOnly access
while the other 2 users have ReadWrite access
.
For another folder, only 2 users need ReadWrite access
and no-one else should have access to this folder.
The problem is that I need to select the Allow read permission to everyon
e in combination with Read and write in order to give the 2 authorized users the correct Read/Write access
even though I have explicitly given them the Read/Write permissions
under the ACL tab.
I have been a senior Windows Server administrator and network administrator and dev and I currently work in DevOps so the Windows share and file permissions assignments are something very easy for me, I can do it in my sleep.
So I donât know if there is something really obvious that I am completely missing? Or if there is something in the config files that has gone wrong when I was changing the config around during the initial setup.
The General tab for the share is:
and the ACL tab is:
Both of the users shown on the ACL tab are in the nokken@thenesbitts.net
group.
For the users who are authorized to access this folder, they can only view and write to it if I select the options Allow read permission to everyone
and Read and write
under Guest Access
.
the smb.conf
shows:
[nokken-files]
path = /var/lib/nethserver/ibay/nokken-files
comment = Nokken Business Files
# 20profile_default:
read only = no
inherit permissions = yes
; Add group write bit to default create mask, remove DOS archive bit (see below) #2039
create mask = 0664
inherit owner = yes
; Use extended attribute to store DOS attributes (see man page)
store dos attributes = yes
map archive = no
map readonly = no
inherit acls = yes
map acl inherit = yes
guest ok = no
browseable = yes
# 90vfs_output
vfs objects = full_audit recycle
recycle: exclude_dir = /tmp,/temp,/cache
recycle: repository = Recycle Bin
recycle: versions = True
recycle: keeptree = True
recycle: touch = True
recycle: directory_mode = 0770
recycle: exclude = *.tmp,*.temp,*.o,*.obj,~$*
The problem is that if I if I select the options Allow read permission to everyone
and Read and write
under Guest Access
, then all users can read and write to the share and I canât have that.
What am I missing or getting wrong?