samba digest, Vol 1 #189 - 15 msgs

David Evans-Roberts daveer at
Tue Nov 14 18:01:20 GMT 2000


If you set up a share by editing smb.conf or using swat you can use Windows
Explorer/ Network Neighbourhood to see if you can access the samba server.

It is not clear exactly how you want to set up things up.  We are only doing
file system sharing  and have the following set in smb.conf

        workgroup = HR
        security = DOMAIN
        encrypt passwords = Yes
        password server = DRIZZLE HAIL SNOW SUPERIOR
        username map = /etc/samba/usermap.txt

This uses our existing NT domain servers for authentication.  Where
usernames differ between NT and Unix we use the "username map" to map them.
Users log in as before.  Generally we use the swat tool for all
administration, which is easier than having to look up smb.conf options. We
set up Unix groups which equate to any NT groups we have and use the @group
notation as appropriate in smb.conf eg 

        comment = Ema directory
        path = /export/services
        write list = @services
        force group = services 

Everyone has read access as it is not specified, but services group have
write access.  

We don't use spaces in any group names, so I can't help you there. 

For further information look at the DOMAIN_MEMBER document supplied with the
distribution and chapter 6 of "Using Samba" which is also supplied in html
format with the distribution. 

David Evans-Roberts

> Message: 6
> Date: Mon, 13 Nov 2000 15:42:27 -0800
> From: Martin <martin at>
> Organization: MediaX Inc.
> To: samba at
> Subject: Domain Authentication
> I've been poking through docs and non-searchable mailing lists, but I 
> haven't found the answer to this yet. First of all, how do I 
> verify that 
> my domain registration is accurate? My system seems to be in the NT4 
> domain, how do I prove it?
> Second, how do I specify users and groups in a domain as 
> valid users for 
> a resource? Do users still log in as DOMAIN\username? And how 
> do I add 
> users and/or groups with spaces in them to the list of valid 
> users for 
> accessing a resource?
> Thanks.

"Faxes and emails are used by HR Wallingford as a convenience for confidential,
and often legally privileged, business communications both within the firm and 
and with clients.  Disclosure to parties other than addressees through for example
forwarding, copying, printing, distribution etc requires HR Wallingford's
specific consent.  HR Wallingford is not liable for unauthorised disclosures
nor for subsequent actions or omissions in reliance upon them.  If you have 
received this message in error please notify us immediately and destroy  all 
copies of it."

More information about the samba mailing list