security = server and valid users

Greg Dickie greg at discreet.com
Thu Sep 2 10:06:31 GMT 1999


Definitely not if you use: 
guest ok=yes
force user=guest

Greg

On 02-Sep-99 David Zanetti wrote:
> Quite possibly this is not quite the right samba list to ask this on, if
> so, please suggest the correct list.
> 
> I ran into an issue (I dare not call it a bug!) when I was asked to set
> up some shares that had a specific valid user list. Although samba goes
> off and queries the password server, and even correctly authenticates
> the user, the user must still have a local unix account. That's fine, I
> can understand that. But part of the share included a force user = x, so
> that the local unix user account being used after authentication was a
> common user. 
> 
> My assumption (which is clearly wrong! :) ) would be that I could use
> force user = x to override the need for a local unix account - all the
> operations would be done by the forced user, and all the authentication
> is being done with the remote NT server. Does this make any sense? Is it
> supposed to _always_ require a local user even when being forced and no
> local authorisation is taking place?
> 
> (This is all with Samba 2.0.4b, Solaris 2.5.1)
> 
> Ex:
> 
> security = server
> password server = mynt
> ..
> [myshare]
>   ...
>   valid users = user1, user2
>   force user = nobody
> 
> -- 
> David Zanetti, Unix System Administrator and Postmaster
> Wellington City Council, New Zealand. Phone +64-4-801-3354

---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet (the logic is gone)
Montreal 
(514) 954-7171
greg at discreet.com



More information about the samba-ntdom mailing list