Setting up virtual samba servers

Robert Dahlem Robert.Dahlem at gmx.net
Mon Dec 18 21:24:32 GMT 2000 

Micheal,

On Mon, 18 Dec 2000 15:09:27 -0600, MEwing at berkleyis.com wrote:

>In my current setup, almost all of the options are defined in the 
>master smb.conf file.

Good.

>Following is a listing of the only options that are defined in the 
>two virtual smb.conf files that I have setup.
>
>     virtual01.conf
>          [global]
>                security = server
>                password server = local_PDC
>
>     virtual02.conf
>          [global]
>                security = user

This is default, so it has just documentation purposes. Your server 
will run with "security = user" as long as it does not include 
virtual01.conf.

>                password file = /opt/samba/etc/smbpasswd

You should move this to the master configuration file: Think of a 
situation where the client does not explicitly tell a server name 
(remember: the program smbpasswd is a client too!). So where should 
Samba search its password database?


>The configuration that I am trying to support is as follows.
>
>     Both virtual servers support the same file shares.   The only
>difference between the servers is how the user is authenticated.    
>One virtual server uses the local PDC system to authenticate the 
>users' passwords.   The second virtual server uses the local 
>smbpasswd file to provide access for a limited number of remote users 
>that are not listed in our local PDC.

Are you sure you really need all the virtual stuff? The man page for 
smb.conf says:

  "security=server"

    In this mode Samba will try to validate the username/password by 
    passing it to another SMB server, such as an NT box. If this fails 
    it will revert to "security = user", [...]

So I think you don't need no virtual servers at all. Just configure:

  security = server
  password server = ...
  password file = ...

>Or, is it possible to setup the smb.conf file of a regular samba 
>server to use multiple authentication methods?    (ie.  The samba 
>server would first check the local smbpasswd file then it would check 
>the PDC.)

No, only the other way round. BTW: That's what you described in the 
first place. :-)


>Here is a separate question about resource shares.

>Is it possible to setup the smb.conf file to NOT have the "user's 
>home directory" and "printers" shares visible when using the "Network 
>Neighborhood" utility to view and access the shares that are 
>available from the samba server?    I only want the users to be able 
>to see the shares that I have been defined for the samba server.

Doesn't "browseable = no" help?

Regards,
        Robert


-- 
---------------------------------------------------------------
Robert.Dahlem at gmx.net           Fax +49-69-432647
---------------------------------------------------------------

Sent using PMMail (http://www.pmmail2000.com) - fast, decent, email
software; far better than Outlook. Try it sometime.

More information about the samba mailing list