[Samba] Access to a server using multiple netbios names and include
dpullman at cme.nist.gov
Mon Apr 7 18:18:56 GMT 2003
We have a file server, solaris 2.8 running SAMBA 2.2.8, that has two
netbios names and we have an include file for smb.conf for each.
We have some machines that are trusted and some that are not. Trusted
means standardized windows install, users don't have root, untrusted
means not necessarily standard install, users do have root. The trusted
machines are defined in an NIS netgroup. The untrusted machines are in
a different NIS netgroup.
The basic hostname/netbios alias shares directories to machines that are
trusted, but not to an untrusted group of machines.
The second name, defined as a netbios alias, shares a separate set of
directories to the trusted and untrusted machines.
The smb.conf file has basic parms set for the network etc. The include
files each has a host allow line and the shares for the appropriate group.
The problem seems to be that if we only share the basic hostname/netbios
alias shares to the trusted group, and then try to share the other
shares to both the trusted and untrusted netgroups, the untrusted
netgroup machines can not see any shares. If we share everything to
both netgroups, then every machine has access.
We're trying to give access to all shares to the trusted machines, and
only access to some shares to the untrusted machines. It sounded like
the netbios aliases and the include file paradigm would provide for
this, but it looks like in testing that only the host allow for the base
netbios alias is honored, regardless of which netbios name is used for
access by the client machine.
Has anyone tried to so something like this? We're constrained a bit by
having only one Enterprise class machine to use as a file server, and
trying to separate access to shares from that one server.
Any thoughts would be greatly appreciated. I can post smb.confs or
parts of them as needed.
Thanks very much
MEL Systems Administration
More information about the samba