Setting up virtual samba servers
Robert Dahlem
Robert.Dahlem at gmx.net
Mon Dec 18 21:24:32 GMT 2000
Micheal,
On Mon, 18 Dec 2000 15:09:27 -0600, MEwing at berkleyis.com wrote:
>In my current setup, almost all of the options are defined in the
>master smb.conf file.
Good.
>Following is a listing of the only options that are defined in the
>two virtual smb.conf files that I have setup.
>
> virtual01.conf
> [global]
> security = server
> password server = local_PDC
>
> virtual02.conf
> [global]
> security = user
This is default, so it has just documentation purposes. Your server
will run with "security = user" as long as it does not include
virtual01.conf.
> password file = /opt/samba/etc/smbpasswd
You should move this to the master configuration file: Think of a
situation where the client does not explicitly tell a server name
(remember: the program smbpasswd is a client too!). So where should
Samba search its password database?
>The configuration that I am trying to support is as follows.
>
> Both virtual servers support the same file shares. The only
>difference between the servers is how the user is authenticated.
>One virtual server uses the local PDC system to authenticate the
>users' passwords. The second virtual server uses the local
>smbpasswd file to provide access for a limited number of remote users
>that are not listed in our local PDC.
Are you sure you really need all the virtual stuff? The man page for
smb.conf says:
"security=server"
In this mode Samba will try to validate the username/password by
passing it to another SMB server, such as an NT box. If this fails
it will revert to "security = user", [...]
So I think you don't need no virtual servers at all. Just configure:
security = server
password server = ...
password file = ...
>Or, is it possible to setup the smb.conf file of a regular samba
>server to use multiple authentication methods? (ie. The samba
>server would first check the local smbpasswd file then it would check
>the PDC.)
No, only the other way round. BTW: That's what you described in the
first place. :-)
>Here is a separate question about resource shares.
>Is it possible to setup the smb.conf file to NOT have the "user's
>home directory" and "printers" shares visible when using the "Network
>Neighborhood" utility to view and access the shares that are
>available from the samba server? I only want the users to be able
>to see the shares that I have been defined for the samba server.
Doesn't "browseable = no" help?
Regards,
Robert
--
---------------------------------------------------------------
Robert.Dahlem at gmx.net Fax +49-69-432647
---------------------------------------------------------------
Sent using PMMail (http://www.pmmail2000.com) - fast, decent, email
software; far better than Outlook. Try it sometime.
More information about the samba
mailing list