I have CentOS 6.2 FileServer and a Windows 2008 Server PDC, i have configured samba on CentOS to authenticate all users who need access to files against the WIndows 2008 Server. I have Groups : Finance HR Legal Audit on the windows Server, and i have folders on my FileServer corsponding to those groups. I created users on Windows and joined them to the various groups, so i want to restrict access to files on file server using group membership. i used http://wiki.samba.org/index.php/Samb...tive_Directory to do the installation. wbinfo -u and wbinfo -g are giving me the results that i want e.g Code: [[email protected] im able to browse and view files that are already on the server, but i cannot create a new file or folder, my /etc/samba/smb.conf is as follows [global] workgroup = LAN server string = FILE-SERVER security = ads realm = LAN.LOCAL encrypt passwords = yes preferred master = no template shell = /bin/bash template homedir = /home/%D/%U winbind separator = + winbind uid = 600-20000 winbind gid = 600-20222 winbind use default domain = true winbind nested groups = Yes winbind enum users = yes winbind enum groups = yes enhanced browsing = yes winbind offline logon = false password server = dc.lan.local [LEGAL] comment = Shared Folder path = /home/legal writeable = yes valid users = @NETWORK+legal @NETWORK+directors writelist = @NETWORK+legal create mask = 0777 force create mode = 0777 browseable = yes guest ok = no [HR_ADMIN] comment = Shared Folder path = /home/hr_admin writeable = yes valid users = @NETWORK+directors @NETWORK+hr_admin writelist = @NETWORK+hr_admin create mask = 0777 force create mode = 0777 browseable = yes guest ok = no [FINANCE] comment = Shared Folder path = /home/finance writeable = yes valid users = @NETWORK+directors @NETWORK+finance writelist = @NETWORK+finance create mask = 0777 force create mode = 0777 browseable = yes guest ok = no has anyone used this kind of setup to work? i also want someone who will be a member of group 'Domain Admins' to have read and write access to all the folders and files on the server. thanks in advance.