Solved: Connecting arbitrary Windows NT users to SUN/Solaris 2.6.

Stephan Schoonees Stephan at mas.co.za
Wed Mar 8 19:42:39 GMT 2000 

I managed to sort out my problem in connecting
+-200 Windows NT workstations to a SUN/Solaris 2.6
server running Samba version 2.0.0.

The idea was to connect ANY Windows NT user to
ANY Unix user. This seems problematic until I got
the following configuration:

[global]
   workgroup = MY_OWN_WINDOWS_DOMAIN
   server string = Unix server
   log file = /usr/local/samba/var/log.%m
   max log size = 50
   security = share
   encrypt passwords = yes
   socket options = TCP_NODELAY 
   dns proxy = no 

[homes]
   guest ok = no
   read only = no

The secret was in specifying as little as possible in
the "homes" section and setting the security level
to "share". This enables multiple Samba sessions to
be started from a foreign Windows NT machine to
any valid Unix user and it's home directory.

The authentication is then done locally on the
Unix server by means of the
	/usr/local/samba/private/smbpasswd
password file. Initially this file does not exist
and creating it one has to follow the following steps:
a) Login as root.
b) Go to the /usr/local/samba/private directory.
c) Create the smbpasswd file with the following entry:
stephan:1001:12345670001234567000123456700012:123456700012345670001234567000
12:[U          ]:LCT-38C6C987:
d) Change the user name "stephan" to your user name.
e) Change the UID "1001" to your UID as specified
   in the /etc/passwd file.
f) Save and exit the file.
g) Go to the /usr/local/samba/bin directory.
h) Type the following to change your user's password:
	smbpasswd stephan
   which will change "stephan"'s password in this case.
i) Enter and re-enter the password as directed.
j) Notice that the password column in the 
/usr/local/samba/private/smbpasswd file has been changed.

To add another user simply follow the steps above again.
In my case a copy and paste of the /etc/passwd file
into the smbpasswd file and a few quick modifications
enables all the NT users to be able to connect as
any Unix user.

This configuration *should* be the most commonly used
as I doubt there are many Windows NT users who have
EXACT user name matches with their Unix user names.
I was thus surprised to see so little documentation
on how to set this up.

I still have a few questions:
a) Is there a quick way of getting Samba to
re-read the smb.conf file and update its
configurations without starting and stopping
the services?
b) I notice that the CR/LF (carriage return/line feed)
mapping from Unix to Windows NT is not done
automatically which means that one gets messy downloads
of text files from Unix in which there is a
missing CR or LF.
Is there a way of tuning Samba to do this CR/LF
conversion automatically for text files only?

Thanks in advance
Stephan Schoonees

Momentum Administration Services
South Africa

PS: Special thanks to Peter Samuelson for the help he gave.

More information about the samba mailing list