On Wed, 2008-03-26 at 13:28 -0700, Scott Silva wrote: > on 3-26-2008 1:01 PM Ray Leventhal spake the following: > > > >>> > >> It is possible, because I am doing it. I have share=user and have home > >> directories viewable by the user and the admin (me). I have various > >> departmental shares that each department can access and no one else > >> (but the admin -- again me). Even shares that aren't browsable, so no > >> one even knows they are there if not given access. > >> And I have several public shares, some read-write, some read only with > >> install files and such. USers that try to access a share they have no > >> permission to get the logon box, but it will never actually auth > >> because their rights don't allow it. > >> > >> ------------------------------------------------------------------------ > > I have no doubt it's possible....might it be possible for you to post a > > sanitized version of your [globals] and one or two of the shares from > > the smb.conf file so that I can compare what's working for you with > > what's not working for me? > > > > TIA, > > -Ray > Some sanitized areas marked ***removed*** > A server that will also do domain logins and roaming profiles; > > > [global] > protocol = NT1 > name resolve order = lmhosts, wins, bcast > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* > idmap gid = ***removed*** > admin users = ***removed*** > lm announce = Yes > lpq cache time = 600 > remote browse sync = ***removed*** > hosts allow = ***removed*** > time server = Yes > veto files = /lost+found/ > level2 oplocks = yes > passwd program = /usr/bin/passwd %u > dns proxy = yes > netbios name = SERVER > printing = cups > logon script = netlogin.bat > idmap uid = ***removed*** > veto oplock files = /*.xls/ > remote announce = ***removed*** > workgroup = ***removed*** > os level = 129 > security = user > add machine script = /usr/sbin/useradd -d /dev/null -g machines -s > /sbin/nologin -M %u > delete user script = /usr/sbin/deluser %u > dos filetimes = yes > log file = /var/log/samba/smbd.log > load printers = yes > guest account = smbuser > socket options = TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 > logon drive = Z: > deadtime = 30 > domain master = Yes > interfaces = ***removed*** > map to guest = Bad User > encrypt passwords = yes > winbind use default domain = no > printer admin = ***removed*** > passdb backend = tdbsam > template shell = /bin/false > wins support = true > server string = ***removed*** > path = /var/spool/samba > unix password sync = yes > logon path = \\%N\profiles\%U > domain logons = Yes > socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 > > > Home share; > > [homes] > browseable = no > comment = Home Directories > writable = yes > vfs objects = recycle > recycle:repository = Recycle Bin > recycle:versions = Yes > recycle:keeptree = Yes > recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace|*.TMP > recycle:excludedir = /tmp|/temp|/cache > recycle:noversions = *.doc|*.ppt|*.dat|*.ini > > A public writable share; > > [public] > comment = public access directory > path = /home/public > admin users = ***removed*** > read only = No > guest ok = Yes > vfs objects = recycle > #recycle: config-file = /etc/samba/recycle.conf > recycle:repository = Recycle Bin > recycle:versions = Yes > recycle:keeptree = Yes > recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace|*.TMP > recycle:excludedir = /tmp|/temp|/cache > recycle:noversions = *.doc|*.ppt|*.dat|*.ini > > A public read-only share writable by admin; > > [install] > comment = Home Directories > path = /opt/updates > admin users = ***removed*** > write list = ***removed*** > read only = No > guest ok = Yes > > > A group departmental share only certain users allowed; > > [Accounting] > writeable = yes > wide links = No > path = /home/accounting > force group = accounting > force user = accounting > valid users = ***removed*** > vfs objects = recycle > #recycle: config-file = /etc/samba/recycle.conf > recycle:repository = Recycle Bin > recycle:versions = Yes > recycle:keeptree = Yes > recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace|*.TMP > recycle:excludedir = /tmp|/temp|/cache > recycle:noversions = *.doc|*.ppt|*.dat|*.ini > > _______________________________________________ Scott, Thanks for posting the config file but comparing it to mine I see nothing wrong. I am going to do a clean install of the server and start over with Cent OS 5.1. It use to be a RHEL updated to centos maybe that's the reason for the problems??? > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -- ~/john OpenPGP Sig:BA91F079