What is WinBind and how does it work?

Anthony J. Breeds-Taurima tony at cantech.net.au
Tue Oct 23 19:11:07 GMT 2001

On Tue, 23 Oct 2001, Orwig, Paul wrote:

> Thanks that helps a little. I'm still unclear where the PAM module is used.
> Is it necessary for Windows access or only for UNIX logins?

Okay pam can be used to authenticate multiple services against the samba
users database.
> We discussed using a generic share, however the data is extremely sensitive
> and we need to limit access to only those who require it.

Okay, well if you need to limit access to certain users then you will need a
way to authenicate the users on the local machine.

If you're anly talking about a handfull (or lots but with little fluctuations)
install samba 2.2.2 and join you NT domain.
set your security=domain in smb.conf
create a user on the unix machine with the SAME username as the NT domain.
local the account.
Create a local group (on the unix machine).
Create the share and place the data in it.
	path = /usr/local/data
	writeable = no
	browseable = no
	valid users = @<your Group>

That will mean that the share will not be visible to most people, the users
you create will NOT have local access. and only the users you create will be
able to access the data AND it will not be writeable to anyone (via samba).

Yours Tony.

 * "The significant problems we face cannot be solved at the 
 * same level of thinking we were at when we created them."
 * --Albert Einstein

More information about the samba mailing list