[Samba] Samba settings for public and HOME

Tue Nov 30 07:24:01 MST 2010

Am Dienstag 30 November 2010, 08:03:26 schrieb Daniel Müller:
> You are missing  the path= in your [homes]
> 
> 

the [homes] section does not need an explicit path specification
if the users (*nix) home dir should be used.
For specific setups one can specify a path here.
See "The [homes] section" in 'man smb.conf' 

> 
> -----------------------------------------------
> EDV Daniel Müller
> 
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> 
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Jeenu V
> Gesendet: Freitag, 26. November 2010 16:24
> An: samba at lists.samba.org
> Betreff: [Samba] Samba settings for public and HOME
> 
> On a Lucid server, I've two sections defined in my /etc/samba/smb.conf
> file: one is the default [homes] section and another public share that
> I'm using share files in LAN.
> 
> [homes]
>    comment = Home Directories
>    browseable = no
>    read only = no
>    create mask = 0600
>    directory mask = 0700
>    valid users = %S
>    guest ok = no
> 
> [share]
>    comment = Shares
>    path = /work/share
>    browseable = yes
>    read only = yes
>    create mask = 0600
>    directory mask = 0700
>    guest ok = yes
> 
> With the default security = user, I can't have the public share
> accessible to the world, because it asks for password and rejects
> anyone without right credentials. To circumvent that I set security =
> share. Now I'm able to see the directory 'share' when I do \\my-server
> from Windows. However, the problem I face is that, I can't access my
> home directory by saying \\my-server\jeenu; it says not accessible.
> However, I'm able to map it via Tools->Map Network Drive, by giving
> the right credentials.
> 
> My question is how can I (or any one) have the best of both the
> worlds? I.e. without having my home directory network mapped, how to
> access the share by typing \\my-server and access their home directory
> by \\my-server\jeenu.
> 
> FWIW, I've:
>   map to guest = bad user
> 
> Thanks.
> --
> 

When "security = user" is used and anonymous share(s) should
also be made available, the following must be used:

Inside the [global] section set
     map to guest = bad user
     guest account = <some_unix_user> The default is "nobody". This *nix
user must exist and is then used for all file operations. So this user must
have file systerm permissions on all anonymously exported share paths.

Inside an anonymously accessible share definition set e.g.
[mytest]
       guest ok = yes

Have a closer look at 'man smb.conf' for _all_ the above used settings.

To check the current/default definition of some smb.conf settings,
e.g. let's say "guest account", use the following:

testparm -vs 2>&1 | grep 'guest account'

Cheers, Günter