User lists in 2.0.6

Mike Harris mike at
Sun Dec 5 18:11:25 GMT 1999


Sounds like you want to use your Samba server to control logins to your Win9x machines ?

You will need to configure Samba with security=USER and domain logins=YES.  Also, remember you need 'encrypt passwords=yes' in your smb.conf to work with any Win95 OPL2 or Win98 clients.

Then point the Win 9x machines at the Samba server in 'User Level Access Control' in the 'Access Control' tab of the Network properties dialog under Windows.  I believe you also need to set the 'Logon to NT domain' as well in the properties for 'Client for Microsoft Networks'.
You then create UNIX user accounts and the /etc/passwd file on your Samba server then becomes the user list and access control for your Windows 9x machines.

If you want to set-up roaming profiles, then create a netlogon share on the Samba server and create a CONFIG.POL file with the information there.  Under standard operation, user profiles will be saved under the homes share on the Samba server.  This is not always a desired thing as users can then see their profiles (and delete them!).  Most people prefer to create a profiles$ hidden share on the Samba server and point to this in the CONFIG.POL file, using the Windows System Policy Editor.  

** Note you shouldn't be making the Samba server your login server, domain master or wins master if you're already running an NT PDC or WINS Server in your network.  If you are, let it do the job.

If you run with wins support = yes in smb.conf, make sure you point your Windows machines at your Samba server for WINS resolution.

The following smb.conf snippet contains a list of the Samba parameters you should look at to do what you want to do.  The manual page for smb.conf should contain sufficient information to elaborate on them more, a good idea is to run SWAT (http://your.samba.server:901) which allows you a web-based view of the parameters and easy reference to the man pages.  I can't suggest better documentation that that which comes with Samba, which although detailed will help you understand what's going on.  There are also some very good books available.

Hope that helps?

Mike Harris,
Psand España.

    security = user
    domain master = yes
    domain logons = yes
    preferred master = yes
    encrypt passwords = yes
    logon path = \\%L\netlogon
    workgroup = DOMAIN
    logon script = %U.bat
    logon home = \\%L\%U
    local master = yes
    os level = 34
    wins support = yes

    browseable = no
    writeable = yes

    path = /home/samba/netlogon
    guest ok = no
    writeable = no
    browseable = yes
    preserve case = yes
    case sensitive = no
    default case = yes

    path = /home/samba/profiles/%U
    root preexec = /bin/mkdir /home/samba/profiles/%U; \
                   /bin/chown %U /home/samba/profiles/%U; \
                   /bin/chmod 700 /home/samba/profiles/%U
    browseable = yes
    guest ok = yes
    create mode = 0600
    directory mode = 0700
    writeable = yes

  ----- Original Message ----- 
  From: Jon Westfall 
  To: Multiple recipients of list SAMBA-NTDOM 
  Sent: Sunday, December 05, 1999 5:14 PM
  Subject: User lists in 2.0.6

  If it is possible ( I am new to Samba ) to have the Samba Server (2.0.6) send a user list for user level access to a Win9x machine, what options do I need to put in my smb.conf file.  If any one has some advice or a good doc. online I'd appreciate it.  I'm also interested in setting up roaming profiles, but the userlevel access is top on my list.
  Jon Westfall
  Greatful Newbie

  Jonathan E. Westfall
  CEO - Webmaster
  Bug Jr. Software
  Reach Me by E-Mail: jon at
  Reach me by ICQ: 19804776
  Reach me by Phone: 440-888-0260
  Reach me by Fax: 208-293-2392

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba-ntdom mailing list