How can I set up Samba shares to only be accessed by certain users?Standard user is able to use other logged in user credentials to access Samba shares Ubuntu 14.04Samba Server: security = user is not showing upCan see samba shares but not access themCreating multiple password protected shares in SambaHow to force group ownership on samba share?Samba File Server hide folders for certain usersOpenSSH - Restrict users to one or multiple foldersSamba share mounts have wrong permissionsSamba shares only work with “force user”Users can't access samba AD sharesHow to make folders invisible to certain usersGive write-access to subfolder in read-only samba share
Are all passive ability checks floors for active ability checks?
How to make healing in an exploration game interesting
Logical notation
Charles Hockett - 'F' article?
Python if-else code style for reduced code
Why is the BSI not using powers of two?
How to change two letters closest to a string and one letter immediately after a string using notepad++
AG Cluster db upgrade by vendor
How to use deus ex machina safely?
How difficult is it to simply disable/disengage the MCAS on Boeing 737 Max 8 & 9 Aircraft?
What should tie a collection of short-stories together?
How to explain that I do not want to visit a country due to personal safety concern?
Most cost effective thermostat setting: consistent temperature vs. lowest temperature possible
What is the rarity of this homebrew magic staff?
May I change the held type in a std::variant from within a call to std::visit
Science-fiction short story where space navy wanted hospital ships and settlers had guns mounted everywhere
Life insurance that covers only simultaneous/dual deaths
Why do Australian milk farmers need to protest supermarkets' milk price?
PTIJ: Who should I vote for? (21st Knesset Edition)
Have researchers managed to "reverse time"? If so, what does that mean for physics?
My adviser wants to be the first author
Official degrees of earth’s rotation per day
Audio processing. Is it possible to directly access the decoded audio data going into the analog input of a computer
Does Mathematica reuse previous computations?
How can I set up Samba shares to only be accessed by certain users?
Standard user is able to use other logged in user credentials to access Samba shares Ubuntu 14.04Samba Server: security = user is not showing upCan see samba shares but not access themCreating multiple password protected shares in SambaHow to force group ownership on samba share?Samba File Server hide folders for certain usersOpenSSH - Restrict users to one or multiple foldersSamba share mounts have wrong permissionsSamba shares only work with “force user”Users can't access samba AD sharesHow to make folders invisible to certain usersGive write-access to subfolder in read-only samba share
I have a RAID10 array mounted on Ubuntu Server 12.04. I have created a few folders within the mount point and want the following functionality.
There will be 4 users, 3 of them are windows users: 'one' 'two' & 'three'.
'four' is a media streamer that only needs to access the MEDIA share.
One Two and Three need to have full access to the media share and their own personal shares (for documents) which no other users but them can access.
Currently, User Four works perfectly (Has full access to the MEDIA folder and can't access folders owned by other users). The problem is, when logged in as the other user, I can't access either share; (tried using valid users = and using chmod to add permissions to no avail).
TL;DR: I need to know how to configure Samba properly to restrict access to certain shares for certain users and allow all of them to access one communal folder (all files on a RAID10 mount).
server permissions samba multiple-users
edited Jan 29 '14 at 9:50
Flyk
1,38931624
asked Oct 29 '12 at 7:10
LiamLiam
148124
add a comment |
I have a RAID10 array mounted on Ubuntu Server 12.04. I have created a few folders within the mount point and want the following functionality.
There will be 4 users, 3 of them are windows users: 'one' 'two' & 'three'.
'four' is a media streamer that only needs to access the MEDIA share.
One Two and Three need to have full access to the media share and their own personal shares (for documents) which no other users but them can access.
Currently, User Four works perfectly (Has full access to the MEDIA folder and can't access folders owned by other users). The problem is, when logged in as the other user, I can't access either share; (tried using valid users = and using chmod to add permissions to no avail).
TL;DR: I need to know how to configure Samba properly to restrict access to certain shares for certain users and allow all of them to access one communal folder (all files on a RAID10 mount).
server permissions samba multiple-users
edited Jan 29 '14 at 9:50
Flyk
1,38931624
asked Oct 29 '12 at 7:10
LiamLiam
148124
add a comment |
I have a RAID10 array mounted on Ubuntu Server 12.04. I have created a few folders within the mount point and want the following functionality.
There will be 4 users, 3 of them are windows users: 'one' 'two' & 'three'.
'four' is a media streamer that only needs to access the MEDIA share.
One Two and Three need to have full access to the media share and their own personal shares (for documents) which no other users but them can access.
Currently, User Four works perfectly (Has full access to the MEDIA folder and can't access folders owned by other users). The problem is, when logged in as the other user, I can't access either share; (tried using valid users = and using chmod to add permissions to no avail).
TL;DR: I need to know how to configure Samba properly to restrict access to certain shares for certain users and allow all of them to access one communal folder (all files on a RAID10 mount).
server permissions samba multiple-users
edited Jan 29 '14 at 9:50
Flyk
1,38931624
asked Oct 29 '12 at 7:10
LiamLiam
148124
I have a RAID10 array mounted on Ubuntu Server 12.04. I have created a few folders within the mount point and want the following functionality.
There will be 4 users, 3 of them are windows users: 'one' 'two' & 'three'.
'four' is a media streamer that only needs to access the MEDIA share.
One Two and Three need to have full access to the media share and their own personal shares (for documents) which no other users but them can access.
Currently, User Four works perfectly (Has full access to the MEDIA folder and can't access folders owned by other users). The problem is, when logged in as the other user, I can't access either share; (tried using valid users = and using chmod to add permissions to no avail).
TL;DR: I need to know how to configure Samba properly to restrict access to certain shares for certain users and allow all of them to access one communal folder (all files on a RAID10 mount).
server permissions samba multiple-users
server permissions samba multiple-users
edited Jan 29 '14 at 9:50
Flyk
1,38931624
asked Oct 29 '12 at 7:10
LiamLiam
148124
edited Jan 29 '14 at 9:50
Flyk
1,38931624
asked Oct 29 '12 at 7:10
LiamLiam
148124
edited Jan 29 '14 at 9:50
Flyk
1,38931624
edited Jan 29 '14 at 9:50
Flyk
1,38931624
edited Jan 29 '14 at 9:50
Flyk
1,38931624
1,38931624
asked Oct 29 '12 at 7:10
LiamLiam
148124
asked Oct 29 '12 at 7:10
LiamLiam
148124
asked Oct 29 '12 at 7:10
LiamLiam
148124
148124
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Each samba user must have a normal linux account as well.
- Make sure that every user can access the common media folder on the unix side (without samba); alternatively, you can set
force userinsmb.conf - Make sure each user has a samba password set. You can set it with
sudo smbpasswd -a your_user - Look at
/etc/samba/smb.conf: check if the linesecurity = useris set in the[GLOBAL]section - Set your shares in
/etc/samba/smb.conf, see example
Example shares:
[allaccess]
path = /media/common
read only = no
writeable = yes
browseable = yes
valid users = one, two, three, four
create mask = 0644
directory mask = 0755
; if you set this, all files get written as this user
force user = one
This will be accessible via \yourserverallaccess
A single user share:
[special]
path = /home/two/onlytwo
read only = no
writeable = yes
browseable = yes
valid users = one
create mask = 0640
directory mask = 0750
Restart the samba server after the changes with:
sudo service smbd restart
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
2
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
3
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
1
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
add a comment |
My mistake -> include /etc/samba/%U.conf
Missing " = " -> include = /etc/samba/%U.conf
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f208013%2fhow-can-i-set-up-samba-shares-to-only-be-accessed-by-certain-users%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Each samba user must have a normal linux account as well.
- Make sure that every user can access the common media folder on the unix side (without samba); alternatively, you can set
force userinsmb.conf - Make sure each user has a samba password set. You can set it with
sudo smbpasswd -a your_user - Look at
/etc/samba/smb.conf: check if the linesecurity = useris set in the[GLOBAL]section - Set your shares in
/etc/samba/smb.conf, see example
Example shares:
[allaccess]
path = /media/common
read only = no
writeable = yes
browseable = yes
valid users = one, two, three, four
create mask = 0644
directory mask = 0755
; if you set this, all files get written as this user
force user = one
This will be accessible via \yourserverallaccess
A single user share:
[special]
path = /home/two/onlytwo
read only = no
writeable = yes
browseable = yes
valid users = one
create mask = 0640
directory mask = 0750
Restart the samba server after the changes with:
sudo service smbd restart
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
2
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
3
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
1
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
add a comment |
Each samba user must have a normal linux account as well.
- Make sure that every user can access the common media folder on the unix side (without samba); alternatively, you can set
force userinsmb.conf - Make sure each user has a samba password set. You can set it with
sudo smbpasswd -a your_user - Look at
/etc/samba/smb.conf: check if the linesecurity = useris set in the[GLOBAL]section - Set your shares in
/etc/samba/smb.conf, see example
Example shares:
[allaccess]
path = /media/common
read only = no
writeable = yes
browseable = yes
valid users = one, two, three, four
create mask = 0644
directory mask = 0755
; if you set this, all files get written as this user
force user = one
This will be accessible via \yourserverallaccess
A single user share:
[special]
path = /home/two/onlytwo
read only = no
writeable = yes
browseable = yes
valid users = one
create mask = 0640
directory mask = 0750
Restart the samba server after the changes with:
sudo service smbd restart
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
2
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
3
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
1
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
add a comment |
Each samba user must have a normal linux account as well.
- Make sure that every user can access the common media folder on the unix side (without samba); alternatively, you can set
force userinsmb.conf - Make sure each user has a samba password set. You can set it with
sudo smbpasswd -a your_user - Look at
/etc/samba/smb.conf: check if the linesecurity = useris set in the[GLOBAL]section - Set your shares in
/etc/samba/smb.conf, see example
Example shares:
[allaccess]
path = /media/common
read only = no
writeable = yes
browseable = yes
valid users = one, two, three, four
create mask = 0644
directory mask = 0755
; if you set this, all files get written as this user
force user = one
This will be accessible via \yourserverallaccess
A single user share:
[special]
path = /home/two/onlytwo
read only = no
writeable = yes
browseable = yes
valid users = one
create mask = 0640
directory mask = 0750
Restart the samba server after the changes with:
sudo service smbd restart
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
Each samba user must have a normal linux account as well.
- Make sure that every user can access the common media folder on the unix side (without samba); alternatively, you can set
force userinsmb.conf - Make sure each user has a samba password set. You can set it with
sudo smbpasswd -a your_user - Look at
/etc/samba/smb.conf: check if the linesecurity = useris set in the[GLOBAL]section - Set your shares in
/etc/samba/smb.conf, see example
Example shares:
[allaccess]
path = /media/common
read only = no
writeable = yes
browseable = yes
valid users = one, two, three, four
create mask = 0644
directory mask = 0755
; if you set this, all files get written as this user
force user = one
This will be accessible via \yourserverallaccess
A single user share:
[special]
path = /home/two/onlytwo
read only = no
writeable = yes
browseable = yes
valid users = one
create mask = 0640
directory mask = 0750
Restart the samba server after the changes with:
sudo service smbd restart
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
answered Oct 29 '12 at 13:52
phoibosphoibos
15.8k23844
15.8k23844
2
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
3
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
1
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
add a comment |
2
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
3
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
1
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
2
2
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
You sir are a god, the masks and force user was what I needed all along but didn't understand.
– Liam
Oct 29 '12 at 19:22
3
3
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
I think "read only" and "writable" are so-called "inverted synonyms" for one another. No need to set them both.
– Mike Diehn
Apr 8 '14 at 14:53
1
1
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Awesome! I had done every thing except step #2. I've never seen that mentioned anywhere else in setting up samba shares. Thanks!!
– PatrickSteele
Dec 29 '14 at 0:13
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
Don't specify share name as temp if you want it writable.
– SergA
Jan 24 at 4:26
add a comment |
My mistake -> include /etc/samba/%U.conf
Missing " = " -> include = /etc/samba/%U.conf
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
My mistake -> include /etc/samba/%U.conf
Missing " = " -> include = /etc/samba/%U.conf
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
My mistake -> include /etc/samba/%U.conf
Missing " = " -> include = /etc/samba/%U.conf
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
My mistake -> include /etc/samba/%U.conf
Missing " = " -> include = /etc/samba/%U.conf
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
answered 15 mins ago
Gabriel CalusaruGabriel Calusaru
1
1
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Gabriel Calusaru is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f208013%2fhow-can-i-set-up-samba-shares-to-only-be-accessed-by-certain-users%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
