[ale] Samba Not Quite Right

Drag0n dragon at atlantacon.org
Tue Aug 19 10:13:38 EDT 2003 

you may want to look at VASC (Very Advanced Samba Config)
http://www.precompiled.org/projects/VASC/
it is a great example of what can be done with samba.

Drag0n
dragon at atlantacon.org

Jonathan Glass wrote:
> 
> > I've got Samba up and running on Gentoo, which is also up and running (a
> > minor
> > miracle in and of itself, as the 2.4.20 kernel that comes with the current
> > version of Gentoo wouldn't boot on this nVidia-chipset machine).
> >
> > WinXP machines on the network can see the server and, if I double-click on
> > the
> > server, I'm asked for a username and password.  If I supply mine, I can
> > get into
> > the one share I created.
> >
> > This isn't quite what I want to have happen.  I would like for at least
> > one
> > read-only share to appear without the need for a username and password,
> > and I
> > plan to make other shares that *will* require un/pw access.  I would like
> > all
> > shares to at least appear when the server is double-clicked, without
> > having to
> > enter a un/pw.
> >
> > This is the share definition for that one read-only share as it now
> > stands:
> >
> > [library]
> >    comment = General data/sw for internal use
> >    path = /share/library
> >    public = yes
> >    writable = no
> >    write list = jeff
> >
> > Other important global parameters:
> >
> >    security = user
> >    encrypt passwords = yes
> >    smb passwd file = /etc/samba/private/smbpasswd
> >
> > There is a Win2K PDC here with accounts, but I have no control over them
> > (to
> > include existence), so, if I want to be able to provide and control access
> > to
> > this Samba server, I have to manage the accounts and use smbpasswd as
> > needed.
> >
> > How can I best get the behavior I want?
> >
> > - Jeff
> 
> Well, you can cheat a little.  This will force anyone connecting to the
> "public" share to have a smbguest account sans entering a username and
> password.
> 
> [public]
>         comment = Public Share
>         path = /path/to/share
>         browseable = yes
>         guest ok = yes
>         guest only = yes
>         read only = no
>         writeable = yes
>         create mask = 0777
>         directory mask = 0777
> 
> ON the issue of not controlling accounts:  Do you really want to keep
> track/manage usernames and passwords?  If a Win2K server is already doing
> the authentication, then it only makes sense to use their authentication
> so the users only have a single username and password to remember.  You
> may not have control over who exists on the network, but you can control
> who can access what on your server.  I did this for a previous employer,
> deploying one web server for students, and another for faculty, all doing
> auth through a Winnt PDC.
> 
> HTH
> 
> --
> Jonathan Glass
> Systems Support Specialist II
> IBB/GTEC
> W: 404-385-0127
> C: 404-444-4086
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list