[Samba] Samba w/o local users on Samba server?
Matt Morgan
minxmertzmomo at gmail.com
Mon Jun 6 17:59:32 GMT 2005
On 6/6/05, Robert Schuettler <rober at cis.fu-berlin.de> wrote:
> Hi everyone,
>
> is it possible to have a Samba server without creating local accounts
> for users on that server?
>
> Share level security doesn't count though. ;-) The idea is not to need
> to create and update users on the Samba server itself (i.e. no local
> users, no entries in /etc/passwd, etc).
>
> The documentation says something about Domain and ADS level security
> being basically just forms of user level security, so - for the moment-
> it looks to me as if there's no way around creating those local users.
> Is that correct?
Not quite, but you can save a few steps if you have some easy &
dynamic way to create & maintain the local users.
We do linux auth against ADS with a combination of winbind, kerberos,
pam_mkhomedir (to auto make the home dir), and pam_mount (to
mount/unmount the shares automatically without the user needing root
access, and no prior modifications to fstab). With that we have what
you want, but it was pretty hard to set up. (I didn't do it--it was
our genius network admin doing a ton of reading and a lot of trial and
error. But we're not the only ones who've done it.)
More information about the samba
mailing list