[Samba] SAMBA in hybrid mode
rhuang at gmail.com
Mon Jan 3 00:50:16 GMT 2005
On Sun, 02 Jan 2005 14:55:35 +1100, Andrew Bartlett <abartlet at samba.org> wrote:
> On Sat, 2005-01-01 at 03:28 -0800, Roger Huang wrote:
> > Hi,
> > I am trying to setup my SAMBA server to use both user and share
> > security so I can have share printers for all clients without
> > authentication while protecting the file shares. Does anyone have a
> > working example that I can use as a reference?
> Have you considered allowing guest access to your server, in user level
> 'map to guest = bad user' does the same as enabling the guest account on
> on windows. You then choose what shares/printers to allow guest access
> Andrew Bartlett
I have try allowing guest access to my samba server in user level
security. Here's my samba config in user level security.
workgroup = IINETWORK
server string = %h server (Samba %v)
interfaces = 10.1.0.3
bind interfaces only = Yes
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://localhost
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
read raw = No
name resolve order = lmhosts host wins bcast
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192
printcap name = cups
os level = 65
preferred master = Yes
domain master = Yes
dns proxy = No
wins server = 10.1.0.3
ldap admin dn = "cn=admin,dc=su,dc=iinetwork,dc=net"
ldap group suffix = "ou=Groups"
ldap machine suffix = "ou=Computers"
ldap suffix = "dc=su,dc=iinetwork,dc=net"
ldap user suffix = "ou=People"
panic action = /usr/share/samba/panic-action %d
invalid users = root, sashroot, bin, daemon, named, sys, sync,
tty, disk, mem, kmem
hosts allow = 10.1.0., 127.0.0.1
hosts deny = ALL
write cache size = 262144
printing = cups
print command =
lpq command =
lprm command =
comment = Printer Drivers
path = /var/lib/samba/printers
comment = Home Directories
path = /home/%u
read only = No
create mask = 0660
browseable = No
volume = Home
comment = HP LaserJet 6L
path = /tmp
create mask = 0700
guest ok = Yes
printable = Yes
use client driver = Yes
When I try to access the printer from XP (\\jupiter\hplj6l), it's
prompting me for my login and password information. I don't want to
have to login to my windows to access the printer share. However, I
do want to be prompted for my login and password when I try to access
my home directory (\\jupiter\rhuang).
Please let me know what I need to do to get public print share working
with user level security setting.
More information about the samba