[Samba] to shares access from non-member clients/nodes

Rowland penny rpenny at samba.org
Fri Aug 30 16:25:51 UTC 2019


On 30/08/2019 17:12, lejeczek via samba wrote:
> hi guys,
>
> with Samba as below
>
> [global]
>      workgroup = NNNR
>      netbios name = PA2
>      realm = PRIVATE.REALM.MINE
>      kerberos method = dedicated keytab
>      dedicated keytab file = /etc/samba/samba.keytab
>      create krb5 conf = no
>      security = user
>      domain master = yes
>      domain logons = yes
>
> Should nodes/clients outside of domain (non-members) be able to access
> (with user+pass) Samba shares?
>
> many thanks, L.
>
>
99% of that smb.conf is for a Unix Domain member, but 'security = user' 
should be 'security = ADS' and it wouldn't be a PDC (domain master = 
yes) because it is using kerberos.

There are also no auth lines that are required for a Unix domain member.

To put it another way, that is a borked smb.conf.

If you just want a standalone server, see here:

https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server

If you want something else, please explain just what you are trying to 
achieve.

Rowland





More information about the samba mailing list