[Samba] Access to shares for authenticated domain users only

Chris Smith chris at realcomputerguy.com
Thu Mar 27 16:11:19 GMT 2003


I believe this works OK with an NT PDC as one can restrict share users
to, as an example, members of the "Domain Users" group, but this group
is not available in Samba 2.2.x. Maybe 3.0 will help.
I suppose, as one hack, you could use a "root preexec" and a "root
postexec" to add and remove users to a particular group as they log on
and off and then use this group to define the valid users of the share.

On Thu, 2003-03-27 at 00:31, Kevin wrote:
> I am running several samba servers (2.2.3a and 2.2.7) in various places as
> pdcs. Everything seems to be running smoothly, but I can't find any way of
> restricting access to only those uses who have logged on to the domain. Is
> this possible? ie at the moment, any user can map a drive to \\server\share,
> put in a valid user/password pair and have access to that share without
> going through any logon script or pol files. This is what I would like to
> avoid. I believe that if I can do this, it would also stop any unauthorised
> machines from accessing the shares, as these machines would not be joined to
> the domain.
> 
> Is this sort of authorisation possible?



More information about the samba mailing list