[Samba] Block samba hosts by domain

Erick Ocrospoma zipper1790 at gmail.com
Wed Nov 9 21:37:30 UTC 2016

Hi everybody,

I'm setting up a Samba under RHEL 7.0, just a simple samba server. But I'm
having trouble with blocking access to shares, to be specific with domain

I'm using default config in samba.conf, just added the share's config.

While blocking by network range it works. Even when some IPs in the network
172.25.0.X are subdomains of example.com, they are not blocked.

Name resolution is done with a DNS server, which works fine. I mean, each
host can do name resolution to other hosts on example.com domain.

Here is the samba config:

                workgroup = TESTGROUP
                server string = Samba Server Version %v
                log file = /var/log/samba/log.%m
                max log size = 50
                security = user
                passdb backend = tdbsam
                load printers = yes
                cups options = raw

                comment = Home Directories
                browseable = no
                writable = yes

                comment = All Printers
                path = /var/spool/samba
                browseable = no
                guest ok = no
                writable = no
                printable = yes

                comment = DATA share
                path = /sambadir
                hosts allow = 172.25.0. .example.com
                browsable = yes
                valid users = susan

                comment = CLUSTER share
                path = /opstack
                valid users = frankenstein

‚ÄčThanks in advance.




IRC     :   zerick
Blog    : http://zerick.me
About :  http://about.me/zerick
Linux User ID :  549567

More information about the samba mailing list