[Samba] limiting authentication duration
jkliment at cta-rj.com.br
Wed Oct 8 11:47:22 GMT 2003
Very interesting question, I am interested in knowing this as well.
On Wednesday 08 October 2003 00:21, Doc Dawson wrote:
> Question 1: Is there a way to keep an authentication to a Samba share from
> lasting indefinitely?
> I am implementing a Linux file server for a network of machines all running
> Windows 98 SE. (Redhat 9, Samba 2.2.7a, share-level security.) Once a
> user provides a valid password and connects to a Samba share, Samba allows
> that client machine to access that share indefinitely.
> In our office each machine may not be used by the same user every day. If
> Joe connects to a Samba share on Monday by providing the proper password,
> then Mary uses that client machine on Tuesday, she will have access to the
> share without needing the password. Is there a way to make Samba ask for
> the password again?
> Initially I thought I could just set the deadtime and keepalive options so
> the connection would be terminated if it is not used for a while. But
> apparently Windows just autoreconnects.
> I tried restarting the Samba service but that doesn't work either.
> Even "smbcontrol smbd close-share * " doesn't prevent autoreconnection.
> In the O'Reilly book "Using Samba" (second edition) the section on
> Share-Level Security mentions a REVALIDATE=YES option which I thought might
> be relevant. However testparm identifies this as an "unknown
> parameter". (BTW, revalidate does not appear in the index nor in the
> Configuration Option appendix of the second edition, so I suspect this is a
> deprecated option, although it was not removed from the text.)
> Related, but slightly different
> Question 2: Is there a way for a user on a Windows client to get Samba to
> ask for a new password?
> Suppose I have a share such as:
> path = /var/project1/data
> username = mary, admin
> read only = yes
> write list = admin
> If mary connects to the share, then asks me to come assist her and I need
> to write to the share from the Windows machine she is using, how can I
> terminate her authentication so I can connect with my password and get
> write privileges?
> I'm new at this, so if any of my terminology is not right please let me
> know so I can get it right next time.
> Doc Dawson
> Longwood Family Medicine
> Longwood, Florida
> doc at dawson.cc
More information about the samba