We don't use AD here. Searching these forums found this:
https://ubuntuforums.org/showthread.php?t=874982
Code:
valid users=@WRITE_LIST @READ_LIST
write list=@WRITE_LIST
read list=@READ_LIST
public=No
browseable=No
The smb.conf manpage says:
Code:
read list (S)
This is a list of users that are given read-only access to a
service. If the connecting user is in this list then they will not
be given write access, no matter what the read only option is set
to. The list can include group names using the syntax described in
the invalid users parameter.
Default: read list =
Example: read list = mary, @students
...
write list (S)
This is a list of users that are given read-write access to a
service. If the connecting user is in this list then they will be
given write access, no matter what the read only option is set to.
The list can include group names using the @group syntax.
Note that if a user is in both the read list and the write list
then they will be given write access.
Default: write list =
Example: write list = admin, root, @staff
The group of users with write need to have the native Unix group permissions of rwx and g+s on all the directories. Those commands are at the "share level." I haven't tested any of this.
Perhaps it will work? I should have posted images of the settings, so copy/paste wasn't possible, sorry.
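The Unix-side requirement described in the post above (group rwx plus g+s on every directory of the share) can be audited and applied with a short script. This is an added example, not part of the original post; the share path and group passed to the functions are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example: check and set the Unix permissions that back a Samba
# "write list = @GROUP" share. Arguments are caller-supplied assumptions:
#   $1 = share root directory, $2 = Unix group name or numeric gid.

# Print every directory under the share that is not owned by the group
# or is missing group rwx plus the setgid bit (octal 2070).
# Empty output means the tree matches what the post asks for.
audit_share_dirs() {
    share=$1
    group=$2
    find "$share" -type d \( ! -group "$group" -o ! -perm -2070 \) -print
}

# Hand the tree to the group, then give directories g+rwx and setgid so
# files created later inherit the group instead of the creator's
# primary group.
fix_share_dirs() {
    share=$1
    group=$2
    chgrp -R "$group" "$share" &&
        find "$share" -type d -exec chmod g+rwxs {} +
}

# Exit status 0 only when no directory fails the audit; useful in cron
# or a configuration-management check.
share_dirs_ok() {
    [ -z "$(audit_share_dirs "$1" "$2")" ]
}
```

Run `audit_share_dirs` first and review the list before calling `fix_share_dirs`, since the recursive `chgrp` changes group ownership of every file under the share.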