[Samba] Samba authentication

[Filipe Joel de Almeida]

Thanks Steve for your time.

I'm trying to do everything by hand and without any GUI or wizards, so
that I really learn how things work, so I'm having a little more work
(specially because I just started using linux this week) but I think
that with time it will be better this way.

My idea for now is to have a Linux server integrated into a W2K domain,
and providing that domain users with files.

I have the users in the domain grouped in several groups.

Isn't there any way that I, on the linux machine, "share" folders for a
certain group and every user that is created in W2K and added to that
group has access to that folder.

My problem is that my first production deployment of samba is in a
network of 100+ users with some rotativity (lots of users gone, and new
come in). I really don't want to have to create each user twice.

Can anyone tell me a way to implement this kind of slution?

Filipe Joel de Almeida
Network Consultant
Filipe.Joel at netcabo.pt


-----Original Message-----
From: Steve Thom [mailto:samba at steventhom.com] 
Sent: sábado, 28 de Setembro de 2002 17:59
To: Filipe.joel at netcabo.pt; samba at lists.samba.org
Subject: Re: [Samba] Samba authentication

Each user that needs to access the server will need to be a linux user
as
well, with unix permissions to access the directory in question. It is
best
to use "user" security instead of "domain" with password synchronization
between samba and unix enabled. Any users created in unix will be added
to
samba.

If this becomes an issue (too many users, two systems to maintain), you
may
want to consider mapping bad usernames to guest, setting the guest user
up
as a generic user in unix, then allowing guest access to the share. This
pretty much opens the share up to everyone, something you may wisn to
avoid.
This is usually done when deploying Samba as a print server. It avoids
administrative overhead.

You can also use winbind to synchronize samba permissions with a NT
domain.
This is beyond me, someone else could step up to help you there.

Another thing to consider - the samba user needs to have permissions to
access the unix directory. Samba permissions and unix permissions are
two
distinct issues. You could share a directory in samba that nobody can
read,
let alone write to from Windows. The individual users need to have
access,
or better yet the group to which they belong. Conversely, if you map to
guest, make certain the guest user has rights to the unix directory.

You may want to download Webmin (www.webmin.com). It gives you a nice
web-based interface to manage everything.

Good luck,

Steve

----- Original Message -----
From: <Filipe.joel at netcabo.pt>
To: <samba at lists.samba.org>
Sent: Saturday, September 28, 2002 6:03 AM
Subject: [Samba] Samba authentication


Hi,

I'm trying to set up samba for the first time.

I can already ping the linux machine from a windows machine by its
NetBIOS
name.

But when I try to do \\linux (thats the machine name) it asks me for
username and
password

Here goes my smb.conf file:

[global]

workgroup = NS
netbios name = Linux
server string = Samba Server
hosts allow = 192.168.69. 127.
interfaces = 192.168.69.110/24
log file = /var/log/log.%m
max log size = 50

security = domain
password server = *
encrypt passwords = yes
socket options = TCP_NODELAY
os level = 255
wins support = no
dns support = no

Do I have to create users locally, or say that specific users from the
domain can
access the server?

I haven't created any share yet, might that be a problem too?

Thanks in advance...

Filipe Joel de ALmeida
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba