[Samba] Allow access to a share for only one machine account
Danny Fedor
lubomirf.vav at gmail.com
Mon Apr 21 05:23:02 MDT 2014
Thank you for your replies.
As for hosts allow -- if I'm not wrong this works only in the global section
of smb.conf and limits access to all shares. I need to limit access only to
one of them.
I have tried to set permissions of the share to allow r/w only for the
"Domain Controllers" group, but it doesn't work; I think it expects the
connecting user to be a member of the group, not the connecting machine. Is
it even possible to limit access to a share based on a computer the user is
connecting from? As far as I know, using NTFS permissions, it isn't.
But in the link I've posted, they managed to achieve that through "valid
users" directive in smb.conf which for me should look something like this:
[share]
valid users = UBUNTU1$
However, when they run klist on their machine (in their case rhls64$), it
shows the machine has ticket with its credentials. When I run klist on my
UBUNTU1 (or even UBUNTU2) it shows nothing.
If I run "kinit UBUNTU1$" kerberos replies with:
Client 'UBUNTU1$@MY.DOMAIN' not found in Kerberos database while getting
initial credentials.
--
View this message in context: http://samba.2283325.n4.nabble.com/Allow-access-to-a-share-for-only-one-machine-account-tp4664550p4664560.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba
mailing list