setup question

[Simon Hyde]

On Mon, 16 Feb 1998 08:31:25 +1100, you wrote:

>The accounts are being authenticated via a NT PDC.  This seems to work.
>I have a directory called /usr/smb.  In it I have created
>directories for each domain user.  Ideally all domain users
>can write to their respective directories without having an account
>on the unix box.  Non-unix users seem to get they're accounts mapped
>to /usr/smb/nobody (the unprivledged unix user).  This is such
>a general topic I wasn't sure how to search for it in the previous
>archives.   
>
>
>excerpts from smb.conf
>	workgroup = CAS
>	password server = PDC
>	encrypt passwords = yes
>
>	[web]
>	   path = /usr/smb/%U
>	   public = yes
>	   writable = yes
>	   printable = no
>	   guest ok = no

Erm...firstly 'guest ok' and 'public' do exactly the same thing, if you
want guest access (which is what is happening at the moment then remove the
last line, if you don't then remove the 'public' line.

If the username presented by the incoming user isn't a valid one (on the
Unix system) and guest access is enabled then Samba will allow the user
through as the guest user, otherwise it will deny them access. This is
because when Samba works on UIDs, files created have to have an owner, you
have to be working under a specific UID in order to determin whether a user
has access rights to a file, there must therefore be a valid Unix account
(even if it doesn't have a password or rights to login) with a valid UID
for the user you are requesting access for in order for Samba to give them
access as a non-guest user.

I can't really see any way you could give them a different directory using
the same share name while still giving them access as the guest user. In
order for this to work you will have to create an account for each user
(even if you don't give them a valid login/password on the Unix box).
-----------------------------------------------------------
With a PC, I always felt limited by the software available.
On Unix, I am limited only by my knowledge.