[Samba] Domain User access control in the smb.conf
Don Meyer
dlmeyer at uiuc.edu
Fri Feb 17 19:48:51 GMT 2006
Yes, if you have the "valid users =" line present in a resource's
config block, then access to that resource is limited to the defined
set of users. If not present, then any user can connect to the resource.
-D
At 01:41 PM 2/17/2006, Alex Wang wrote:
>Thanks Don, it works.
>
>Another question about that is, do I have to list all the users who need
>to access that share folder?
>
>[Test2]
> comment = Test
> path = /usr/tmp/
> valid users = "@Domain Admins"
> readonly = Yes
> write list = myaccount
>Since myaccount is not in Domain Admins, I can't even access those share
>folder. Do I have to chagne to
>
>[Test2]
> comment = Test
> path = /usr/tmp/
> valid users = "@Domain Admins", myaccount
> readonly = Yes
> write list = myaccount
>
>Thanks
>
>Alex
>
>
>
>On Fri, 17 Feb 2006 13:29:50 -0600
>Don Meyer <dlmeyer at uiuc.edu> wrote:
>
> > At 12:52 PM 2/17/2006, Alex Wang wrote:
> > >I guess the @"Domain\myaccount" is the wrong format, but I check the
> > >manual and can't find anything talk about the user list in smb.conf....
> > >
> > >smb# testparm
> > >...
> > > winbind use default domain = Yes
> >
> >
> > First off, if "myaccount" is a user account, then drop the "@" --
> > that is one of the specials used to designate a group.
> >
> > Second, with "winbind use default domain" active/enabled, you should
> > not have to specify the "DOMAIN\" part.
> >
> > Also, since you are using the special char "\" as a domain separator,
> > you need to be very cognizant of where you need to properly escape
> > it. (I.E., use "\\" instead of just "\") I'm pretty sure that
> > "valid users =" is one of those places...
> >
> > Cheers,
> > -D
> >
> >
> > Don Meyer <dlmeyer at uiuc.edu>
> > Network Manager, ACES Academic Computing Facility
> > Technical System Manager, ACES TeleNet System
> > UIUC College of ACES, Information Technology and Communication Services
> >
> > "They that can give up essential liberty to obtain a little
> > temporary safety,
> > deserve neither liberty or safety." -- Benjamin
> Franklin, 1759
Don Meyer <dlmeyer at uiuc.edu>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services
"They that can give up essential liberty to obtain a little
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759
More information about the samba
mailing list