[Samba] Access to shares from within and outside of a Domain
Richard Booth
r.booth at ulcc.ac.uk
Fri Aug 1 11:58:37 GMT 2003
Hi Marian,
In summary, I want to be able to access the "Data" share without
authenticating
from both the W2K Domain and Standalone servers networks. The Data share
is purely to store backup data and has been secured using ipchains, etc.
What I need is a smb.conf file that lets me do this. Current set up below.
Thanks - Richard.
**********************************************************************************
The samba system is set up as follows:
<eth1>-192.21.28.10 - W2K Domain server network
Samba sys(Data share)-|
<eth2>-129.21.25.3 - Standalone servers network
If I use "security = users" I get to the shares from the w2K domain,
with a valid account, but get asked to authenticate from the
stand alone machines. smb.conf for this set up below:
[global]
workgroup = TEST
username map = /etc/samab/users.map
security = user
smb passwd file = /etc/samba/smbpasswd
name resolve order = host
allow hosts = 192.21.28.0/255.255.255.0 127.0.0.0/255.0.0.0
deadtime = 30
debug level =3
encrypt passwords = yes
log file = /var/log/samba/log.%U
guest account = nobody
map to guest = bad user
passwd program = /usr/bin/passwd %u
unix password sync = yes
passwd chat = New*Password* %n\n \
\nRe-enter*new*Password* %n\n \
*successfully*changed*\n
[data]
comment = Test share
path = /data
guest ok = yes
browseable = no
writable = yes
create mask = 0760
directory mask = 0770
smbpasswd file:
test:280:512A282D2562C7BEAAD.......:[UX ]:LCT-3F27EAF8:
nobody:99:AAD3B435B51404EEAA.......:[UX ]:LCT-3F28CAC7:
If I use "security = share" I get to the share from the workstations,
without authenticating, but cannot map the share from the W2K domain.
smb.conf for this set up below:
[global]
workgroup = TEST
allow hosts = 192.21.25.0/255.255.255.0 127.0.0.0/255.0.0.0
name resolve order = host
guest account = nobody
username map = /etc/samab/users.map
log file = /var/log/samba/log.%U
security = share
encrypt passwords = yes
deadtime = 30
browseable = no
debug level = 3
disable spoolss = yes
[data]
comment = Test share
path = /data1
browseable = no
writable = yes
guest ok = yes
create mask = 0760
directory mask = 0770
>send not snipped all smb.conf and schematic router net conf of your servers
>and clients that one work and one not.
>Domain not domain is not exact diferent ... for standalone servers.
>You must have any missed config.
>Send list of users from smbpasswd.
>
>Bye.
>
>
More information about the samba
mailing list