Setup File Sharing and Permissions for All Users in Zentyal 3.4 PDC – Part 4

For this setting you must visit my previous tutorials on Zentyal 3.4 PDC (installing, basic configuration, DNS, Remote Admin Tools, GPO and OU’s).

  1. Install Zentyal as PDC (Primary Domain Controller) and Integrate Windows – Part 1
  2. Manage Zentyal PDC (Primary Domain Controller) from Windows – Part 2
  3. Creating Organizational Units and Enableing Group Policy – Part 3
File Sharing in Zentyal PDC
File Sharing in Zentyal PDC

After creating OU’s for our domain, enabling GPO for Users and Computers. It’s time to move forward and setup File Sharing for Zentyal 3.4 PDC.

This share will be mapped to all users onto this domain through Default Group Policy for Domain but with different levels of access and security settings for Users.

Step 1: Setup File Sharing

1. Logon to your Zentyal PDC Server using Remote Web Administrative tool by entering your server’s IP or domain name from any browser using https protocol ‘https://mydomain.com‘ or ‘https://192.168.1.13‘.

2. Go to File Sharing Module, hit ADD NEW button, select “Enabled”, enter a descriptive name for this share, choose “Directory under Zentyal” on Share Path field, enter here again a name for this directory ( you can choose another name but is better to be the same for easily later management from command line ) and lastly select “Apply ACLs recursively” ( This enables the power of Linux Access Control Lists on Users and Groups on server) then hit ADD button.

Setup File Sharing
Setup File Sharing
Enter Share Name
Enter Share Name

3. After your share has been added and is visible in File Sharing list hit “Save Changes” button form above to apply this new setting.

Share Added
Share Added
Access Control
Access Control

4. This Step is optional and can be skipped. For listing the share permissions so far open Putty, enter your server IP or domain name, login with your credentials and run the following command.

# ls –all  /home/samba/shares
Listing Share Permissions
Listing Share Permissions

For listing Linux ACL on this moment you can run this command.

# getfacl  /home/samba/shares/collective
Listing Linux ACL
Listing Linux ACL

5. So far so good, now it’s time to add some fine grained permissions on this share. On this share you want the Administrator account on server to have full permissions. Go to File Sharing again and click on Access Control icon.

Add User Permissions
Add User Permissions

A new menu presents, hit “Add New” button, then select User in “User/Group” selection field, choose your administrative user ( on my setup in matei.cezar ), on “Permissions” selection field choose “Administrator” and hit Add button.

Access Control
Access Control
Add New ACL
Add New ACL
Add New ACL Rules
Add New ACL Rules

Repeat this steps with another user ( let’s say “user2” again ) and grant him only with “Read Only” access on this share.

Grant Read Only Permissions
Grant Read Only Permissions

6. After all user configurations hit “Save Changes” above button to apply settings. For listing permissions again from Putty command line use the same “getfacl“ command used above.

Listing ACL Permissions
Listing ACL Permissions

WARN: The rest of users that are not added to Share Access Control List have no permissions on this share. So they can’t even access it ( the drive is still listed).

Step 2: Acessing File Sharing

7. For accessing this new created share on Windows go to Computer or This PC shortcut and on Explorer address field type.

\\server_FQDN\share_name\

In this example the path is “\\pdc.mydomain.com\Collective\”. Now you have full access to Zentyal share on Windows Explorer so you can copy, move, create new files, whatever suits your needs.

Step 3: Auto Mount Share On Reboots

Because we don’t like to enter this path every time for accessing after a reboot on user computers, we need to automate this process that it should be mapped as a default share onto every user logon attempt.

8. To do this we create a simple text file with Notepad named map_collective.bat on desktop with the following content and save it. Where X is the Drive letter.

“net use X:  \\pdc.mydomain.com\Collective\”
Auto Mount Share
Auto Mount Share

WARN: If you can’t see file extension go to Control Panel -> Appearance and Personalization -> Folder Options -> View tab , deselect Hide extensions for known file types and hit Apply.

Hide Extensions
Hide Extensions

9. Then go to Zentyal Web Admin Interface (https://domain_mane), Domain module -> Group Policy Objects.

Group Policy Objects
Group Policy Objects

10. Select Default Domain Policy and click on GPO Editor icon.

Default Domain Policy
Default Domain Policy

11. Navigate bottom to User Configuration -> Logon Scripts -> Add New.

Add New Logon Script
Add New Logon Script

12. Select Bach on Script Type, hit Browse Button then navigate through File Upload to Desktop and select map_collective.bat file script and hit Open.

Select map_collective.bat File
Select map_collective.bat File

Yuor script has been added and it’s listed in Logon Scripts.

Logon Script Added
Logon Script Added

13. To test it just logoff and login back again. As you can see this share with X drive letter has been mapped to “user2” with read only access to it.

Share Mount
Share Mount
User Read Only Access
User Read Only Access

This was just a small portion of what you can do with file sharing on Zentyal 3.4, you can add as may shares as you want with different permissions on users ad groups.

If you read this far, tweet to the author to show them you care. Tweet a thanks
Matei Cezar
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

13 thoughts on “Setup File Sharing and Permissions for All Users in Zentyal 3.4 PDC – Part 4”

  1. Hi Matei, I’ve read your guides and it’s work. I’m using zentyal 6 as AD DC in my client office. Is there any guides on how to share folder on another hard drive in zentyal 6 OS to windows 10 pro clients since my zentyal 6 server will use 6 additional hard drive? First HD only for zentyal 6 os files, 6 other is for folder n files sharing your the clients user.

    Thank you!

    Reply
  2. Do you have this information how to access shares and redirect home folders to shares for linux clients on ubuntu connecting to a zentyal 4.2 PDC. For windows this is clear but how can this be done for linux clients. Joining the domain has been succesfull with powerbridge.

    Reply
    • Try to manually enter the shares by typing the the address of your PDC in nautilus or whatever file manager you are using for linux: smb://pdc_IP/share

      Reply
  3. i have a question.i have zentyal 4.2 development edition installed.i cant see the GPO and GPL in the domain module.is there any workaround in this? thanks in advance.nice tutorial by the way,saved me alot of time and effort.

    Reply
  4. So far, I’m finding Zentyal to be a real time saver. Would you anticipate any problems in doing file sharing on a BDC setup according to your tutorial in this series? I happen to have much more disk capacity on my BDC and would like to make use of it.

    Reply
  5. Hi Matei when i share a folder from a windows client it prompts an admin and password authentication I am using a default policy and just want to allow normal users to share their folders to other users

    Reply
  6. Yes, I use ext4 on Zentyal and you can modify file share permissions from windows as long as that user has administrative permissions in that area, but better use Zentyal admin account to modify permissions not local stations.

    Reply
  7. Matei, your guides have been extremely helpful. I’m struggling a bit with permissions. I take it your file system in the demo is ext4 since you put the share ‘under zentyal’. Can you use a windows machine to manage permissions for this share? thanks again…

    Reply

Got something to say? Join the discussion.

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.