share security passwords

Mac dmccann at
Wed Nov 17 10:55:57 GMT 1999

Hi Brian (and all you avid Samba readers)

>> The most important thing that will make this work is running the whole
>> server in 'security = share' mode.  This is awful for most purposes
>> (because the Win clients don't give a username to a server running in
>> 'share' mode, and so Samba has to guess which UNIX user you are.)
>hmm.  this is close.  i now have a share that is accessible via password for
>any user.  unfortunately, it's accessible to anyuser who uses *any* password
>in the samba password file.  can i stop this so it only will allow access if
>the *correct* password is given?

Indeed.  If I may quote my own message back at you for a moment:-

 > You can make it easier though by having exactly one entry in the 'valid
 > users' list, (which is a special user you create just for this share)

You have to use the 'valid users' configuration statement in order to
restrict the user names that can connect to the share.

>here's the share section, and i am using security = share
> available = yes
> browseable = yes
> force user = galik
> guest ok = no
> path = /home/galik
> read only = yes

And here's my suggested modification to it:-

  valid users = newgalik

and then you create the user  'newgalik' like this :-

 newgalik::301:302:Special User for Samba Share:/home/galik:/bin/false

(Your 'passwd' file format my vary a bit from this, and you _must_ check
that the UID and GID numbers don't conflict with any exisiting users).

Then, as root do:-

  passwd newgalik

and set it to what ever you want.

          Assistant Systems Adminstrator
                        dmccann at
   Work: +44 1707 654753 x285      Everything else: +44 7956 237670 (anytime)

NOTE: New Mobile Phone Number (see <URL:> for why)

More information about the samba mailing list