[Samba] "Only users" seems nonfunctional

Ben Tels bzt at bentels.dyndns.org
Mon Jan 6 04:29:00 GMT 2003

On Sunday 05 January 2003 17:57, John H Terpstra wrote:

> > security = share
>              ^^^^^
> This means, so long as I have ANY users' password I get in!


> If you want to log on only as a particular user you should use 'USER' mode
> security.

In general, I don't.

> If you want to restrict access to only this user then instead of (or in
> addition to - depending on what end result you want) add:
> valid users = bzt


> > Now, according to the manpage for smb.conf, I should only be able to log
> > in and use service BenD as user bzt.
> Not quite! See above.

Aha. So when it says in the manpage for smb.conf

"only user (S)
              This is a boolean option that controls whether connections with
               usernames not in the user list will be  allowed. By  default 
               this  option  is disabled so that a client can supply a       
               username to be used by the server. Enabling this parameter will
               force the server to only user the login names from the user  
               list and is only  really  useful in shave level security."

then that is basically just not true.

> See above suggestions.

Tried it, doesn't help. Valid users WITH user doesn't limit access to anybody, 
WITHOUT nobody can get in (INCLUDING the accoutns that ARE supposed to have 

And I can't switch to user-level security, I need access to certain shares for 
usernames that are not accounts on the Samba-machine.

Ben Z. Tels
bzt at bentels.dyndns.org
optimusb at stack.nl

"The Earth is the cradle of the mind, but one cannot stay in the cradle

More information about the samba mailing list