Hi Curtis, > Now, if I add a line "valid users = user1, user2, user 3" then of > course, just they can get in. But that doesn't seem to be the right > solution. The right solution would be to permit only accounting group > > users into the folder. What am I doing wrong? Try "valid users = @accounting". Does that help? Bye... Nico