[Samba] design question for small environment

Stefan G. Weichinger lists at xunil.at
Mon Sep 10 06:35:38 UTC 2018


Greetings samba-users

another "design issue" here

I run 2 servers in a very closed environment, basically it is only one 
fileserver, the 2nd does snapshots and backups etc

That server is configured as standalone and knows only ~6 local users. 
No ADS, no domain membership.

Think of a separated department in a company which has to be as 
disconnected from the company's IT as possible.

The users there wrote themselves a batch-script that connects their 
network shares, it contains cleartext passwords ... bad

Now they had a security audit and we should get rid of that batch file, 
sure.

I consider setting up an ADC for that one server overkill. And I wonder 
where they would keep their passwords then, it wouldn't change that.

And connecting to the company's AD isn't wanted because that would allow 
the "upstream IT" access to the protected server.

How do other admins solve that?
I'd appreciate any clever suggestions or examples.

greets, Stefan



More information about the samba mailing list