Howdy~

Here is the situation, let say i have Dept. A and Dept. B, both are mutually exclusive.
I have 2 share directories (share-A and share-B) for each Dept. and users from grp-A should not have access to share-B and vice versa, but my boss wants access to both of the shares...

Here is what i did, might be a bit silly cos i'm kinda new to Linux
In my smb.conf:
My boss logs in and he cannot enter any of the shares... thats obvious since others is set to ---, but if i set others to r-x, grp-A can access grp-B~

Is there an more simple workaround?

Thanks in advance~

for your valid users list you need to be sure all of the group-a and group-b users are setup in their own actual group. Also, be sure to adduser for your boss and also smbpasswd -a boss to set his samba password up.

valid users = @groupa boss
and
valid users = @groupb boss

I think thats what i did...

What about the share directory's access permission and ownership?

Like i said, my boss cannot enter either directory because he belongs to a different group...
I set both shares to 770... my boss belongs to the admin group, which means *others*, if *others* is 0, does the *valid users* still work?

Can you just add your boss to a second group (and maybe a third) so that he can access the stuff as a group member? Otherwise the Linux permissions will win I think. Try looking into making 'boss' a member of a couple groups.

Yup, I think i get what you mean... hmm... your workaround might be safer than mine
I set the shares to 775 and it works but it will get messy a bit when i have more folders...

Anyway, thanks for your idea~!

~WiLL~

Yeah, I definitely recommend going with my approach just to preserve the security of those files.

Working~

CHeeRs~!

Cool! Glad I could help you!