Есть FreeBSD 8.3 с LDAP. Завёл пользователей, они находятся в разных группах. Есть шара, в которую все могут писать и из которой все могут удалять. Но в итоге получается, что один пользователь создал папку, а второй удалить эту папку уже не может. А надо, чтобы он мог удалять. Говорю конкретно о public, int2 и int1.
cat /usr/local/etc/smb.conf
# Server-wide Samba settings: domain logons enabled, accounts kept in LDAP (ldapsam).
[global]
workgroup = remi
server string = PDC
netbios name = PDC
security = user
# only the 192.168.100.x subnet and loopback may connect
hosts allow = 192.168.100. 127.
load printers = no
log file = /var/log/samba/log.%m
max log size = 500
acl compatibility = win2k
encrypt passwords = yes
# NOTE(review): per smb.conf(5), accounts listed in "admin users" perform all file
# operations as root on every share; keep this list minimal.
admin users = admin
passdb backend = ldapsam:ldap://localhost/
# LDAP settings
ldap suffix = dc=remi,dc=local
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap admin dn = "cn=root,dc=remi,dc=local"
ldap delete dn = no
# NOTE(review): LDAP traffic, including the admin dn bind, is unencrypted; this is
# tolerable only while the backend stays on ldap://localhost/ as configured above.
ldap ssl = off
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = @
winbind use default domain = yes
# act as the PDC
socket options = TCP_NODELAY
local master = yes
os level = 255
domain master = yes
preferred master = yes
domain logons = yes
# uncomment these if you want to use per-machine / per-user logon scripts
; logon script = %m.bat
; logon script = %U.bat
# active setting: one script per primary group (%G)
logon script = %G.cmd
# roaming profile path (left empty here)
logon path =
# path to the users' home directories
logon home = \\pdc\home
logon drive = Z:
wins support = yes
dns proxy = no
display charset = cp1251
unix charset = cp1251
dos charset = cp866
time server = yes
# scripts for adding users and groups (used by usermgr from NT4)
# NOTE(review): smbd runs these helpers as root with %u / %g substituted into the
# command line; confirm the ldap* scripts validate the names they receive.
add machine script = /usr/local/sbin/ldapaddmachine '%u' computers
add user script = /usr/local/sbin/ldapadduser '%u' users
add group script = /usr/local/sbin/ldapaddgroup '%g'
add user to group script = /usr/local/sbin/ldapaddusertogroup '%u' '%g'
delete user script = /usr/local/sbin/ldapdeleteuser '%u'
delete group script = /usr/local/sbin/ldapdeletegroup '%g'
delete user from group script = /usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
set primary group script = /usr/local/sbin/ldapsetprimarygroup '%u' '%g'
rename user script = /usr/local/sbin/ldaprenameuser '%uold' '%unew'
# share for the home directories
[home]
comment = Home Directories
# %U is the session user name, so each user gets a per-user directory
path = /home/samba/homes/%U
# "read only = no" and "writable = yes" below are inverted synonyms saying the same thing
read only = no
# "public" is a synonym for "guest ok": no guest access
public = no
writable = yes
# masks cap new files at 0600 and new directories at 0700 (owner only)
create mask = 0600
browseable = no
directory mask = 0700
# netlogon share (for running the logon scripts)
[netlogon]
comment = Network Logon Service
path = /usr/local/etc/samba/netlogon
# NOTE(review): readable without authentication; acceptable only while the share
# stays read-only and the scripts in it contain no credentials.
guest ok = yes
writable = no
share modes = no
browseable = no
# share for roaming profiles
# NOTE(review): [global] leaves "logon path" empty, so clients are presumably not
# pointed at this share; confirm whether it is still in use.
[profiles]
# masks cap new files at 0600 and new directories at 0700 (owner only)
create mask = 0600
directory mask = 0700
# %u is the user name of the current service
path = /home/samba/profiles/%u
writeable = yes
browseable = no
locking = no
# csc policy = disable # this line is needed to turn off offline caching
# just because :) so that the machine can be connected to
# NOTE(review): IPC$ is normally provided by Samba itself; redefining it with a
# filesystem path is unusual. Per smb.conf(5), a "hosts allow" set in [global]
# applies to all services regardless of the per-share lines below.
[IPC$]
path = /tmp
hosts allow = 192.168.100.0/24 127.0.0.1
hosts deny = 0.0.0.0/0
# Share open to every authenticated user: both access lists below are commented out.
[public]
comment = Public share
path = /share/public
guest ok = no
writable = yes
# browseable = yes
# "public" is a synonym for "guest ok"
public = no
# "create mode" / "directory mode" are synonyms for "create mask" / "directory mask":
# they cap permission bits, they do not force them on (that is what
# "force create mode" / "force directory mode" do).
# NOTE(review): 666/777 permits world-writable entries. Whether one user can delete
# what another created also depends on ownership, permissions and ACLs on disk under
# the path, which this file does not show.
create mode = 666
directory mode = 777
# valid users = @admins1,@admins2,@admins3,@admins4,@users1,@users2,@users3
# write list = @admins1,@admins2,@admins3,@admins4,@users1,@users2,@users3
# Installer share.
# NOTE(review): writable by every authenticated user, because there is no
# "valid users" line and the write list is commented out. If other users run
# installers from here, consider read only = yes together with the @admins write list.
[install]
comment = install share
path = /share/install
guest ok = no
writable = yes
public = no
# masks (upper bounds): files up to 664, directories up to 777
create mode = 664
directory mode = 777
# write list = @admins
# Share limited to @admins1, @admins2 and @users4.
[acters]
comment = acters share
path = /share/acters
guest ok = no
writable = yes
public = no
# masks (upper bounds) that allow world-writable files and directories
create mode = 666
directory mode = 777
valid users = @admins1, @admins2, @users4
# NOTE(review): "write list" only grants write access, it never removes it. With
# writable = yes, @users4 can write as well; if @users4 is meant to be read-only
# the share needs read only = yes. Confirm intent.
write list = @admins1, @admins2
# Share limited to @admins1, @admins2 and @users4.
[artist]
comment = artist share
path = /share/artist
guest ok = no
writable = yes
public = no
# masks (upper bounds) that allow world-writable files and directories
create mode = 666
directory mode = 777
valid users = @admins1,@admins2, @users4
# NOTE(review): with writable = yes this list does not restrict anyone, so @users4
# can write too; use read only = yes if only the admins groups should write.
write list = @admins1,@admins2
# Share limited to @admins1, @admins2 and @users4.
[demo_recor]
comment = demo recor share
path = /share/demo_recor
guest ok = no
writable = yes
public = no
# masks (upper bounds) that allow world-writable files and directories
create mode = 666
directory mode = 777
valid users = @admins1,@admins2,@users4
# NOTE(review): with writable = yes this list does not restrict anyone, so @users4
# can write too; use read only = yes if only the admins groups should write.
write list = @admins1,@admins2
# Share limited to director, @admins3 and @users3, all of whom may write.
[demo_remi]
comment = demo remi share
path = /share/demo_remi
guest ok = no
writable = yes
public = no
# masks (upper bounds): files up to 664, directories up to 777
create mode = 664
directory mode = 777
valid users = director, @admins3, @users3
# repeats "valid users"; with writable = yes it adds nothing
write list = director, @admins3, @users3
# Share limited to @admins1, @admins2 and @users4.
[manager_recor]
comment = manager_recor share
path = /share/manager_recor
guest ok = no
writable = yes
public = no
# masks (upper bounds) that allow world-writable files and directories
create mode = 666
directory mode = 777
valid users = @admins1,@admins2, @users4
# NOTE(review): with writable = yes this list does not restrict anyone, so @users4
# can write too; use read only = yes if only the admins groups should write.
write list = @admins1,@admins2
# Share limited to director, @admins3, @users3 and @users4.
[manager_remi]
comment = manager_remi share
path = /share/manager_remi
guest ok = no
writable = yes
public = no
# masks (upper bounds): files up to 664, directories up to 777
create mode = 664
directory mode = 777
valid users = director,@admins3,@users3, @users4
# NOTE(review): @users4 is absent from this list, but with writable = yes it can
# still write; use read only = yes if @users4 is meant to be read-only.
write list = director,@admins3,@users3
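# Share limited to @admins1, director, @admins2, @users1 and @users2, all of whom may write.
[audio]
comment = audio share
path = /share/audio
guest ok = no
writable = yes
# "public" is a synonym for "guest ok" and the later line wins. The original
# "public = yes" silently re-enabled guest access after "guest ok = no" above.
# It is set to "no" here to agree with that line and with the other shares.
public = no
# masks (upper bounds): files up to 664, directories up to 777
create mode = 664
directory mode = 777
valid users = @admins1, director,@admins2,@users1,@users2
# repeats "valid users"; with writable = yes it adds nothing
write list = director,@admins1,@admins2,@users1,@users2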
# Share limited to @admins1, director, @admins2 and @users1, all of whom may write.
[video]
comment = video share
path = /share/video
guest ok = no
writable = yes
public = no
# masks (upper bounds): files up to 664, directories up to 777
create mode = 664
directory mode = 777
valid users = @admins1,director,@admins2,@users1
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1,director,@admins2,@users1
# Share limited to @admins1, @admins2, @admins4 and @uchet, all of whom may write.
[uchet_recor]
comment = uchet share
path = /share/uchet-recor
guest ok = no
writable = yes
public = no
# NOTE(review): 666/777 masks allow world-writable entries, so any local UNIX
# account on the server could modify them; confirm that is acceptable for this data.
create mode = 666
directory mode = 777
valid users = @admins1,@admins2,@admins4,@uchet
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1,@admins2,@admins4,@uchet
# NOTE(review): this share has no "valid users" line, so any authenticated user can
# connect. With writable = yes the write list below restricts nobody. Confirm this
# is intended; the sibling shares all carry a "valid users" line.
[uchet_remi]
comment = uchet-remi share
path = /share/uchet-remi
guest ok = no
writable = yes
public = no
# masks (upper bounds): files up to 664, directories up to 777
create mode = 664
directory mode = 777
write list = @admins1,director, @admins3, @users3
# Share limited to @admins1, @admins2 and @admins4, all of whom may write.
[buhgalter]
comment = buhgaler share
path = /share/buhgalter
guest ok = no
writable = yes
public = no
# NOTE(review): 666/777 masks allow world-writable entries, so any local UNIX
# account on the server could modify them; confirm that is acceptable for this data.
create mode = 666
directory mode = 777
valid users = @admins1,@admins2,@admins4
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1,@admins2,@admins4
# Scratch share limited to @admins1 and @admins2.
[tmp]
comment = tmp share
path = /share/tmp
guest ok = no
writable = yes
public = no
# masks (upper bounds) that allow world-writable files and directories
create mode = 666
directory mode = 777
valid users = @admins1,@admins2
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1,@admins2
# Single-user share: only the account "alex" may connect.
[base]
comment = base share
path = /share/base
guest ok = no
writable = yes
public = no
# masks drop every "other" bit: files up to 660, directories up to 770
create mode = 660
directory mode = 770
valid users = alex
# repeats "valid users"; with writable = yes it adds nothing
write list = alex
# Share limited to @admins1, @admins2, @users1, operator1 and operator2, all of whom may write.
[int1]
comment = int1 share
path = /hdd3/int1
guest ok = no
writable = yes
public = no
# "create mode" / "directory mode" are synonyms for the masks: they cap permission
# bits, they do not force them on.
# NOTE(review): nothing here forces a common group or mode. Whether one user can
# delete what another created also depends on ownership, permissions and ACLs on
# disk under the path, which this file does not show.
create mode = 666
directory mode = 777
valid users = @admins1, @admins2, @users1, operator1, operator2
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1, @admins2, @users1, operator1, operator2
# Share limited to @admins1, @admins2 and @users1, all of whom may write.
[materiali]
comment = materiali share
path = /tank4
guest ok = no
writable = yes
public = no
# masks (upper bounds) that allow world-writable files and directories
create mode = 666
directory mode = 777
valid users = @admins1, @admins2, @users1
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1, @admins2, @users1
# Share limited to @admins1, @admins2, @users1 and operator1, all of whom may write.
[int2]
comment = int2 share
path = /hdd2/int2
guest ok = no
writable = yes
public = no
# "create mode" / "directory mode" are synonyms for the masks: they cap permission
# bits, they do not force them on.
# NOTE(review): nothing here forces a common group or mode. Whether one user can
# delete what another created also depends on ownership, permissions and ACLs on
# disk under the path, which this file does not show.
create mode = 666
directory mode = 777
valid users = @admins1, @admins2, @users1, operator1
# repeats "valid users"; with writable = yes it adds nothing
write list = @admins1, @admins2, @users1, operator1