[Samba] restrict shares listings in domain to authenticated users
unolinuxguru
unolinuxguru at olug.org
Thu Mar 6 22:40:02 GMT 2003
I'm setting up a samba primary domain controller in Debian woody and the
users are logging into the domain fine and can access their shares. I
would like to restrict the listings of available shares to only
authenticated users of the samba domain. I know this works in a win NT4
domain, how does one do it with samba?
This is the listing I get from an nt4 pdc (belongs to a different domain
than this system 'WS-072') without supplying a username or password...
root at WS-072:/etc/samba# smbclient -L //nt4pdc
added interface ip=192.168.2.45 bcast=192.168.2.255 nmask=255.255.255.0
Got a positive name query response from 192.168.2.5 ( 192.168.2.5 )
Password:
Anonymous login successful
Domain=[HMS] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0]
Sharename Type Comment
--------- ---- -------
Error returning browse list: NT_STATUS_ACCESS_DENIED
<snip>
If I do supply a username (with the -U option) and the proper password, I
do get a listing of the available shares.
Now if I try the same listing without a username or password on the samba
primary domain controller of the workgroup this system belongs too... I
should get the same "NT_STATUS_ACCESS_DENIED" for guest user share
listings, but I don't - it shows all of them.
root at WS-072:/etc/samba# smbclient -L //debianpdc
added interface ip=192.168.2.45 bcast=192.168.2.255 nmask=255.255.255.0
Password:
Anonymous login successful
Domain=[LINUXTEST] OS=[Unix] Server=[Samba 2.2.3a-12 for Debian]
Sharename Type Comment
--------- ---- -------
tmp Disk temporary files
IPC$ IPC IPC Service (debianpdc server (Samba 2.2.3a-12 for Debian))
ADMIN$ Disk IPC Service (debianpdc server (Samba 2.2.3a-12 for Debian))
thoughts, suggestions, and of course solutions greatly appreciated. thanks.
More information about the samba
mailing list