I am going to start off assuming that you have:
- Installed Samba
- Have the file structure already in place (your group folders, mounts, etc.)
- Are mostly working on the configuration part now.
- Since there are 15 users - I am assuming that you do not have an active directory domain and it will be managed manually on the server.
Note: I am not a sys admin and cannot really tell you that this is the safest way to accomplish your task, however, it should work and be pretty straight forward. It sounds as though it isn't a huge deal there, but in the future you may want to re-structure it if the organization scales or you use AD or some domain service. Since you mention it not being connected to the web, I won't really go into that stuff.
Now, you need to work in the /etc/samba/smb.conf
file (which will require root permissions).
The basic structure of the smb.conf file is:
[sharename]
comment = Whatever comment you want
path = /path/to/share
browseable = no ; I assume...
read only = no
writeable = yes ; Redundant of read only, but whatever
create mask = 0700
directory mask = 0700
valid users = @groupname
So for your situation, it would probably look like:
[high]
comment = The High User group
path = /srv/high
browseable = no
read only = no
writable = yes
create mask = 0700
directory mask = 0700
valid users = @high
[mid]
comment = The Mid User Group
path = /srv/mid
... (copy from above)
valid users = @high @mid
[low]
comment = The Low User group
path = /srv/low
...
valid users = @high @mid @low
[guest]
comment = The Guest User Group
path = /srv/guest
.... ; No valid users needed...
[Be sure you have the path's right, I would mount them like that - but not sure your structure]
You'll need to add the groups to your machine:
addgroup {high,mid,low,guest}
Then you need users all established on your server (unless you want to go the smbusers route, which may be more applicable if you intend to scale ever):
useradd -m -g users -G high -s /bin/nologin USERNAME
That adds a user named "USERNAME" to the group "users" and supplemental group "high". Then to set the password passwd USERNAME
. Also sets their shell to nologin so they can't log in locally on the server and execute commands.
Then add that user to SAMBA:
smbpasswd -a USERNAME
Restart Samba to try it out:
Systemd:
service smb restart
Init:
/etc/init.d/smb reload
Under the [global]
section, I would recommend that you enable unix password sync = yes
(I believe that is default already). That way whatever their unix password is, the password is for the share.
To mount from windows, you'd do: \\SERVERNAMEorIP\high
from "map network drive" in My Computer.
why must you use Ubuntu - do you need to serve NFS as well? Second question, why did someone with only a basic knowledge of linux get handed a task that is usually handed to someone with SysAdmin level skills? Do you need authentication or directory lookup services as well (ie ldap/kerberos/AD) or will this all be with local permissions? – MaQleod – 2013-02-01T19:56:32.087
Yes, I'll need NFS .The "basic knowledge" means I am not quit up to the task- and need help with it :) . Why I got this task? Because I might be the only one capable to make it done - the rest of available people has less knowledge than me ... (facepalm) . The network is LAN and has internet access but the server will be used locally only and user should be able to map their drives. – Cups – 2013-02-01T20:05:48.140
Can we assume no Active Directory and you will manually set-up the users on the server? – nerdwaller – 2013-02-01T20:08:37.553
Yes , I will add each user manually. – Cups – 2013-02-01T20:18:29.243
And thx for taking time to assist me with this.I do appreciate it – Cups – 2013-02-01T20:19:27.683