[Samba] users/passwds
Frank Matthieß
Frank.Matthiess at Microdata-POS.de
Fri Sep 20 07:37:00 GMT 2002
Donnerstag den 19.09.2002 um 18:16 CEST +0200, schrieb P. Jourdan:
> At 04:40 PM 9/19/2002 +0200, you wrote:
> >> How is the Windows username/passord related to samba access? Must the
> >same
> >> username/password be created with smbpasswd?
> >
> >You have to make sure that you create unix user and groups, that should
> >be used by samba/windows client.
>
> Right. But before installing samba there are already users and groups on
> the machine. Does one need to create new users/groups for samba? Which ones?
samba and the windows access based on the unix permissions. You can use your
already avalilable users/groups.
>
>
> >For the first time it's easier to generate from your actual passwd the
> >corresponding smbpasswd:
> >
> >cat /etc/passwd | /usr/sbin/mksmbpasswd > /etc/samba/smbpasswd
>
> on my machine (FreeBSD 4.6.2) there is no "mksmbpasswd" , at least, I could
> not find it.
if you are a little bit familar with shellscripting, you are able to generate
from your /etc/passwd a valid smbpasswd.
[start]
#!/bin/bash
cat /etc/passwd | while read UNAME PW UID GID GECOS HOME SHELL;
do
# if not root account
[ $UID -ne 0 ] && smbpasswd $UNAME $UNAME
done;
[stop]
This should generate all users from passwd with the password=username.
This is not testet yet.
But - wait. mksmbpasswd should also be a shellscript. Found and attached.
mksmbpasswd set _no_ password.
>
>
> >> What users/groups need to exist or be created on the Unix machine? Are
> >any
> >> created automatically by samba installation?
> >
> >samba itself runs as root, but switch to the assigned windows/unix user,
> >to make sure to access with the correct rights.
>
> Who is the "assigned windows/unix user"?
man smb.conf:
guest account (S)
This is a username which will be used for access to
services which are specified as guest ok (see
below). Whatever privileges this user has will be
available to any client connecting to the guest
service. Typically this user will exist in the
password file, but will not have a valid login. The
user account "ftp" is often a good choice for this
parameter. If a username is specified in a given
service, the specified username overrides this one.
One some systems the default guest account "nobody"
may not be able to print. Use another account in
this case. You should test this by trying to log in
as your guest user (perhaps by using the su - com
mand) and trying to print using the system print
command such as lpr(1) or lp(1).
Default: specified at compile time, usually
"nobody"
Example: guest account = ftp
guest ok (S)
If this parameter is yes for a service, then no
password is required to connect to the service.
Privileges will be those of the guest account.
See the section below on security for more infor
mation about this option.
Default: guest ok = no
>
> >> What users/groups need to be set up for "guest" access?
> >
> >It's up to you, which unix user would be the "guest". But hopefully not
> >"root".
>
> How do I determine or set up the guest?
>
>
> >> What is the difference between smb.conf entries "public = yes (or no)"
> >and
> >> "guest ok = yes (or no)"?
public (S)
Synonym for guest ok.
> >
> >man smb.conf
> >
> >and last but not least:
> >
> >http://www.samba.org/samba/docs/Samba-HOWTO-Collection.html
>
> I've been through all that... tedious & confusing - I could not find clear
> answers.
You a fighting on two areas. It isn't really easy.
In the beginning with samba, i read the while man smb.conf, to get an idea of
the conf posibilities.
After that, i prefer to "decode" the actual smb.conf with the testparm tool.
testparm check the smb.conf as smbd should do, and much more important at this
stage, it print out the _whole_ config. Also the default and buildin vars.
Frank.
PS: One note: Please let all samba listmember participate from this
thread, so i forward that to the list.
--
Frank Matthieß fm at Microdata-pos.de
Am Wellbach 4 Tel +49 521 97 22 6 0
D 33609 Bielefeld Fax +49 521 97 22 6 30
-------------- next part --------------
#!/usr/bin/awk -f
BEGIN {FS=":"
printf("#\n# SMB password file.\n#\n")
}
{ printf( "%s:%s:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:%s\n", $1, $3, $5) }
More information about the samba
mailing list