Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   More Samba Questions (http://www.linux-archive.org/centos/173684-more-samba-questions.html)

"Joseph L. Casale" 10-09-2008 08:43 PM

More Samba Questions
 
>Why would you put user names in the smb.conf file?

The server is set to "user" hence the need to suggest what user's can
access the share, right?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Joseph L. Casale" 10-09-2008 08:44 PM

More Samba Questions
 
>I've always had to use
>
> smbpasswd -a unixusername
>
>then give them a password for smb use... the catch-22 is that SMB uses
>a completely different password hash algorithm than Unix/Linux
>/etc/passwd(shadow) passwords, so you can't use the one for the other.
>
>Its much much easier if you use a central authentication database like
>LDAP (or if its already in use at the site, Active Directory).

Thanks guys,
That's what I guess I didn't know. I was going to use AD integration but
these PC's are dom members but they logon locally as they run some lame software
won't run as a service and needs local admin to work, so I didn't want a domain
username sitting accessible.

jlc
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

John R Pierce 10-09-2008 09:02 PM

More Samba Questions
 
Joseph L. Casale wrote:

I've always had to use

smbpasswd -a unixusername

then give them a password for smb use... the catch-22 is that SMB uses
a completely different password hash algorithm than Unix/Linux
/etc/passwd(shadow) passwords, so you can't use the one for the other.

Its much much easier if you use a central authentication database like
LDAP (or if its already in use at the site, Active Directory).



Thanks guys,
That's what I guess I didn't know. I was going to use AD integration but
these PC's are dom members but they logon locally as they run some lame software
won't run as a service and needs local admin to work, so I didn't want a domain
username sitting accessible.




you know individual Windows DOMAINusernames can be added to the local
Administrators group on a workstation?



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Joseph L. Casale" 10-09-2008 09:25 PM

More Samba Questions
 
>you know individual Windows DOMAINusernames can be added to the local
>Administrators group on a workstation?

yeah, but like I said, I didn't want a logged in user (can't even enable a locked
screen saver) to be accessible by "someone". I could create perms denying this user
explicitly etc but why? It's easier to make it a local user and not *ever* worry about
managing it.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Bo Lynch" 10-10-2008 12:04 PM

More Samba Questions
 
On Thu, October 9, 2008 4:18 pm, Joseph L. Casale wrote:
> I have never setup a Samba server, and the recent thread here prompted to
> get on this I need to migrate two XP machines from using iSCSI to Samba.
>
> I thought the "+" preceding a username in the smb.conf file for a
> share definition told Samba to use the unix username? Unless I actually
> use swat to create and enable the user and take off the + it doesn't work.
>
> Any ideas what swat does when you create a user through that interface?
>
> Is there any way to simply force Samba to use locally created users in the
> share definition?
>
> Thanks!
> jlc
>

You use the + operator with authentication with winbind on a windows
domain. If you would like to use samba without windows authentication then
you can add the user accounts with useradd with the /sbin/nologin option
and then add them to samba using the smbpasswd command. Hope this helps.
Bo


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 07:15 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.