samba digest, Vol 1 #572 - 55 msgs

Brendon Meyer Brendon_Meyer at
Thu Sep 13 16:39:02 GMT 2001

> Message: 16
> From: "Hugo Levasseur" <hugo.levasseur at>
> To: "Samba Mailing List" <samba at>
> Subject: about mutiple security levels
> Date: Wed, 12 Sep 2001 19:52:03 -0400
> in the samba docs I find
>  "It is possible to use smbd in a hybrid mode where it is offers both
> user and share level security under different
> <>
> NetBIOS aliases"
> no clue aas to how to do this though .. anyone know?

The way that I have achieved this using FreeBSD is as follows given the
following information.

Original IP Address:
Original Hostname:    tarja

1.  Created a new IP alias for the machine
    (ifconfig <interface> alias netmask 0xffffffff)

2.  Created a DNS entry for the new alias (which I called swserver)
    which means that the one machine now has two ip addresses
    and two separate hostnames which nicely resolve via DNS.  

3.  Made my root 'smb.conf' look a bit like this:
	<global stuff ... snip>
	netbios aliases = tarja swserver
	include = /usr/local/etc/samba/

4.  Created the two additional 'configuration' files as follows:
	encrypt passwords = yes
	security = share

	path = /data/netapps
	writeable = yes
	public = yes
	force user = nobody
	force group = nobody

	<additional shares ... snip>
	encrypt passwords = yes
	security = user

	path = /data
	writeable = yes
	public = no

	<additional shares ... snip>

The end result is that if I use this from the <start><run> box from a W2k

It is using user level security.  

If I call the same machine though with this 

It behaves entirely differently in that it uses share level
security (and offers up different shares).  

More information about the samba mailing list