Samba Map Linux -> Windows

I’m setting up Samba and working out a few issues with user permissions on linux coming through to windows.

The only question I want answered is the user mapping. I have setup user mapping so that when user windows1 on windows creates a file, it generates on linux with ownership by user linux1. That mapping works perfectly fine.

But can I get confirmation that the samba mapping should also work in reverse?

So if I access a file initially created in linux by linux1, it will show up on the samba share in windows as being owned by windows1?

I ask because all the documentation I have found emphasizes mapping from windows to linux, but nothing explicitly stated that samba works in reverse.

Thanks

Hi,

User mapping in Samba translates the login name sent by the client to another local UNIX username. Security information shown to clients are UNIX (or POSIX ACL) security. So:

I confirm that it souldn’t work in reverse. A file created by windows1 should be shown in the share in Windows as own by linux1. So does a file created on the server side by linux1.

For help in using Samba in openSUSE, have a look at my Extensive Blog and script on the subject: S.A.C.T. - Samba Automated Configuration Tool - Version 1.06 - Blogs - openSUSE Forums

Thank You,

Ok. I missed that fact as I have read through all the documentation. Well, I guess my next question is if there is any way with samba to map linux file privileges onto a windows username. So that if I have a file


|filename|owner
|---|
|group
|permissions
|
|ExampleFile.txt
|linux1
|lingropu1
|rwxrwx---
|






Then this file that is owned by linux1 on the linux side will get mapped to user *windows1 *through the samba share on the windows side. I’m trying to address a scenario where a file gets created in linux and still needs to have full read/write permissions on windows, without those permissions causing a change in ownership that would deny permissions back on the linux side.

If this is possible, can someone point me to some documentation on it? Thanks.

In my blog (S.A.C.T.), I show how to 1) Share a common Partition that all can see and 2) Share your /home user area. The first requires you setup local permissions that all can users on that PC can work with. The second requires you setup a user list on the remote PC from which you want to share your /home user area. The users that need access must exist in the YaST user database and in Samba user database and you then use your user name and password to gain access to the remote share. The latter is no different in a Windows workgroup setup in Windows unless you set the share so all can read and write to it locally. Some added reading and testing about Samba and Workgroups to learn how it all works is required on your part. It did not just come to me in a single night, but after doing lots of reading and I discovered how to do it wrong many times. The solution was not hard however, its just the understanding required when you must setup both sharing PC’s yourself and not having an IT person do it for you.

Thank You,

I don’t see a way to do so. In fact, I don’t see what is the problem if on the Windows side the file is reported as belonging to linux1 as far as windows1 can read/write it thanks to user mapping.

In your example, as lingropu1 group members have read, write and execute permissions on ExampleFile.txt, I would simply create a UNIX and Samba account windows1 and add it to the lingropu1. If windows1 creates a file on the server; it will belong to him. linux1 could also edit it because he’s a member of lingropu1.

If you want to preserve the owner of all files in the share, just add a sticky bit to it (which can be a security breach). See also create mask and directory mask options in smb.conf.

Of course, there is more than one solution to your scenario… Maybe Samba examples will help you.