[Samba] Share Access
garydale at torfree.net
Fri May 5 16:51:45 GMT 2006
In order for a Windows client to gain access to a share, it needs to
authenticate with a Windows user id. This id should map, either directly
or through group membership, to something your Linux/Unix box can
handle. Samba is able to handle the share mounting because it doesn't
need to access the Linux/Unix file system. However, once you start
getting at the files, those permissions are handled by Linux/Unix.
Therefore you need Linux/Unix access to the files. This means the id
that Windows is using has to map to a Linux/Unix account (or an
appropriate group mapping needs to exist).
Try installing / activating SWAT on your server. This makes
administration easy. Next, create your two users in SWAT and activate
them. I believe SWAT is smart enough to match the user names to the
existing Linux/Unix user names. Otherwise you may have to use some of
the command-line programs to do the mapping.
Donald W Watson wrote:
> Gary, thanks for the reply. However, I still don't understand.
> On the linux server, user1 is user 500 and user2 is user 501. There
> are no corresponding user id's on the linux client, and the client is
> not a member of the domain, but writing to the share file works when
> the share is mounted by user1.
> On the windows client, there are no corresponding local users, but the
> machine is a member of the samba domain; however, I still cannot write
> to the share file when the connection is made by user1.
> Sincerely, Don Watson
> Linux Technology and Solutions; Beaverton, OR
> 503-578-4861/TL: 775-4861; dwatson at us.ibm.com
> Inactive hide details for Gary Dale <garydale at torfree.net>Gary Dale
> <garydale at torfree.net>
> *Gary Dale <garydale at torfree.net>*
> 05/04/2006 08:37 PM
> Please respond to
> Donald W Watson/Beaverton/IBM at IBMUS
> samba at lists.samba.org
> Re: [Samba] Share Access
> The Linux case is easy. You are using Linux /Unix user names. When you
> attempt to connect from Windows however, you are using a Windows user
> name. This needs to map to a Linux / Unix user name.
> It's more common to use group privileges on shares with Windows, so
> putting your Windows users in groups and mapping them to Linux / Unix
> groups would also work.
> Donald W Watson wrote:
> >Could someone help me understand if what I'm seeing with share access is
> >On my samba domain I have two users (user1 and user2) and one share; the
> >share has attribute "writelist = user1".
> >On a linux machine I:
> > mount the share with "mount -t cifs -o username=user1"
> > successfully open a file in the share for writing with the perl
> > function
> > close the file
> > umount the share
> > mount the share with "mount -t cifs -o username=user2"
> > unsuccessfully attempt to open a file in the share for writing
> with the
> > perl "open" function
> > umount the share
> >This is, I think, as expected.
> >However, on Windows2003, I:
> > connect the share as user1
> > unsuccessfully attempt to open the file for writing with vim
> >This seems inconsistent with the results on linux, and not what I
> >Am I misinterpreting the expected results? Thanks for any responses.
> >Sincerely, Don Watson
> >Linux Technology and Solutions; Beaverton, OR
> >503-578-4861/TL: 775-4861; dwatson at us.ibm.com
More information about the samba