Share/User Security Mix (unnecessary!)
David Collier-Brown
davecb at canada.sun.com
Tue Oct 16 04:47:02 GMT 2001
August Zajonc" wrote:
| I'd like to have some shares be available to all clients
| with the right password (aka share security)
| I'd like some shares available to all with no password.
The first can be done with acls, group permissions,
read/write list or any other per-user access control
mechanism.
The second can be done without using
share-level security (insecurity?), by
saying:
[global]
# Make selected sdhares acessible to unauthorized users!
# so they can pick up .reg files to turn off MS encryption.
guest account = guest
map to guest = bad user
[public]
# This share contains plain-password .reg files
comment = You will find the various PlainPassword.reg \
files here
path = /usr/local/samba/public
guest ok = yes
guest only = yes
browseable = yes
read only = yes
The trick is to use map to guest, which has
some subtle behaviors: see the smb.conf.5 file
for more info. (You probably want guest ok = no
as the default and in other shares!)
--dave
--
David Collier-Brown, | Always do right. This will gratify
Americas Customer Engineering, | some people and astonish the rest.
SunPS Integration Services. | -- Mark Twain
(905) 415-2849 | davecb at canada.sun.com
More information about the samba
mailing list