[Samba] SAMBA in hybrid mode

Roger Huang rhuang at gmail.com
Mon Jan 3 00:50:16 GMT 2005


On Sun, 02 Jan 2005 14:55:35 +1100, Andrew Bartlett <abartlet at samba.org> wrote:
> On Sat, 2005-01-01 at 03:28 -0800, Roger Huang wrote:
> > Hi,
> >
> > I am trying to setup my SAMBA server to use both user and share
> > security so I can have share printers for all clients without
> > authentication while protecting the file shares.  Does anyone have a
> > working example that I can use as a reference?
> 
> Have you considered allowing guest access to your server, in user level
> security?
> 
> 'map to guest = bad user' does the same as enabling the guest account on
> on windows.  You then choose what shares/printers to allow guest access
> to.
> 
> Andrew Bartlett

Hi,

I have try allowing guest access to my samba server in user level
security.  Here's my samba config in user level security.

[global]
       workgroup = IINETWORK
       server string = %h server (Samba %v)
       interfaces = 10.1.0.3
       bind interfaces only = Yes
       map to guest = Bad User
       obey pam restrictions = Yes
       passdb backend = ldapsam:ldap://localhost
       passwd program = /usr/bin/passwd %u
       passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
       syslog = 0
       log file = /var/log/samba/log.%m
       max log size = 1000
       read raw = No
       name resolve order = lmhosts host wins bcast
       socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
       printcap name = cups
       os level = 65
       preferred master = Yes
       domain master = Yes
       dns proxy = No
       wins server = 10.1.0.3
       ldap admin dn = "cn=admin,dc=su,dc=iinetwork,dc=net"
       ldap group suffix = "ou=Groups"
       ldap machine suffix = "ou=Computers"
       ldap suffix = "dc=su,dc=iinetwork,dc=net"
       ldap user suffix = "ou=People"
       panic action = /usr/share/samba/panic-action %d
       invalid users = root, sashroot, bin, daemon, named, sys, sync,
tty, disk, mem, kmem
       hosts allow = 10.1.0., 127.0.0.1
       hosts deny = ALL
       write cache size = 262144
       printing = cups
       print command =
       lpq command =
       lprm command =

[print$]
       comment = Printer Drivers
       path = /var/lib/samba/printers

[homes]
       comment = Home Directories
       path = /home/%u
       read only = No
       create mask = 0660
       browseable = No
       volume = Home

[hplj6l]
       comment = HP LaserJet 6L
       path = /tmp
       create mask = 0700
       guest ok = Yes
       printable = Yes
       use client driver = Yes

When I try to access the printer from XP (\\jupiter\hplj6l), it's
prompting me for my login and password information.  I don't want to
have to login to my windows to access the printer share.  However, I
do want to be prompted for my login and password when I try to access
my home directory (\\jupiter\rhuang).

Please let me know what I need to do to get public print share working
with user level security setting.

Roger


More information about the samba mailing list