[Samba] limiting authentication duration
Doc Dawson
doc at dawson.cc
Wed Oct 8 03:21:35 GMT 2003
Question 1: Is there a way to keep an authentication to a Samba share from
lasting indefinitely?
I am implementing a Linux file server for a network of machines all running
Windows 98 SE. (Redhat 9, Samba 2.2.7a, share-level security.) Once a
user provides a valid password and connects to a Samba share, Samba allows
that client machine to access that share indefinitely.
In our office each machine may not be used by the same user every day. If
Joe connects to a Samba share on Monday by providing the proper password,
then Mary uses that client machine on Tuesday, she will have access to the
share without needing the password. Is there a way to make Samba ask for
the password again?
Initially I thought I could just set the deadtime and keepalive options so
the connection would be terminated if it is not used for a while. But
apparently Windows just autoreconnects.
I tried restarting the Samba service but that doesn't work either.
Even "smbcontrol smbd close-share * " doesn't prevent autoreconnection.
In the O'Reilly book "Using Samba" (second edition) the section on
Share-Level Security mentions a REVALIDATE=YES option which I thought might
be relevant. However testparm identifies this as an "unknown
parameter". (BTW, revalidate does not appear in the index nor in the
Configuration Option appendix of the second edition, so I suspect this is a
deprecated option, although it was not removed from the text.)
Related, but slightly different
Question 2: Is there a way for a user on a Windows client to get Samba to
ask for a new password?
Suppose I have a share such as:
[data]
path = /var/project1/data
username = mary, admin
read only = yes
write list = admin
If mary connects to the share, then asks me to come assist her and I need
to write to the share from the Windows machine she is using, how can I
terminate her authentication so I can connect with my password and get
write privileges?
I'm new at this, so if any of my terminology is not right please let me
know so I can get it right next time.
Doc Dawson
Longwood Family Medicine
Longwood, Florida
doc at dawson.cc
More information about the samba
mailing list