on 3-26-2008 1:01 PM Ray Leventhal spake the following: > >>> >> It is possible, because I am doing it. I have share=user and have home >> directories viewable by the user and the admin (me). I have various >> departmental shares that each department can access and no one else >> (but the admin -- again me). Even shares that aren't browsable, so no >> one even knows they are there if not given access. >> And I have several public shares, some read-write, some read only with >> install files and such. USers that try to access a share they have no >> permission to get the logon box, but it will never actually auth >> because their rights don't allow it. >> >> ------------------------------------------------------------------------ > I have no doubt it's possible....might it be possible for you to post a > sanitized version of your [globals] and one or two of the shares from > the smb.conf file so that I can compare what's working for you with > what's not working for me? > > TIA, > -Ray Some sanitized areas marked ***removed*** A server that will also do domain logins and roaming profiles; [global] protocol = NT1 name resolve order = lmhosts, wins, bcast passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* idmap gid = ***removed*** admin users = ***removed*** lm announce = Yes lpq cache time = 600 remote browse sync = ***removed*** hosts allow = ***removed*** time server = Yes veto files = /lost+found/ level2 oplocks = yes passwd program = /usr/bin/passwd %u dns proxy = yes netbios name = SERVER printing = cups logon script = netlogin.bat idmap uid = ***removed*** veto oplock files = /*.xls/ remote announce = ***removed*** workgroup = ***removed*** os level = 129 security = user add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /sbin/nologin -M %u delete user script = /usr/sbin/deluser %u dos filetimes = yes log file = /var/log/samba/smbd.log load printers = yes guest account = smbuser socket options = TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 logon drive = Z: deadtime = 30 domain master = Yes interfaces = ***removed*** map to guest = Bad User encrypt passwords = yes winbind use default domain = no printer admin = ***removed*** passdb backend = tdbsam template shell = /bin/false wins support = true server string = ***removed*** path = /var/spool/samba unix password sync = yes logon path = \\%N\profiles\%U domain logons = Yes socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 Home share; [homes] browseable = no comment = Home Directories writable = yes vfs objects = recycle recycle:repository = Recycle Bin recycle:versions = Yes recycle:keeptree = Yes recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace|*.TMP recycle:excludedir = /tmp|/temp|/cache recycle:noversions = *.doc|*.ppt|*.dat|*.ini A public writable share; [public] comment = public access directory path = /home/public admin users = ***removed*** read only = No guest ok = Yes vfs objects = recycle #recycle: config-file = /etc/samba/recycle.conf recycle:repository = Recycle Bin recycle:versions = Yes recycle:keeptree = Yes recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace|*.TMP recycle:excludedir = /tmp|/temp|/cache recycle:noversions = *.doc|*.ppt|*.dat|*.ini A public read-only share writable by admin; [install] comment = Home Directories path = /opt/updates admin users = ***removed*** write list = ***removed*** read only = No guest ok = Yes A group departmental share only certain users allowed; [Accounting] writeable = yes wide links = No path = /home/accounting force group = accounting force user = accounting valid users = ***removed*** vfs objects = recycle #recycle: config-file = /etc/samba/recycle.conf recycle:repository = Recycle Bin recycle:versions = Yes recycle:keeptree = Yes recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace|*.TMP recycle:excludedir = /tmp|/temp|/cache recycle:noversions = *.doc|*.ppt|*.dat|*.ini -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 250 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080326/7419c302/attachment-0005.sig>