[Samba] Is it possible to set the protocol for a single client

Jeremy Allison jra at samba.org
Wed Feb 10 20:16:52 UTC 2021

On Wed, Feb 10, 2021 at 12:14:06PM -0800, Jeremy Allison via samba wrote:
>On Wed, Feb 10, 2021 at 08:02:41PM +0000, Rowland penny wrote:
>>On 10/02/2021 19:46, Jeremy Allison wrote:
>>>Matching on the remote hostname (%M) is
>>>done at socket accept time (it's how
>>>we handle the "hosts allow/ hosts deny"
>>>This is *before* the negprot is processed,
>>>so if there is an include that adds
>>>"server minimum protocol = NT1" it
>>>will allow the client that matches
>>>to connect using SMB1, but all others
>>>will be restricted to SMB2+.
>>OK, I can understand that, but are you saying that if there is a 
>>line like 'include = /path/to/smb.conf.%M' in smb.conf and there is 
>>a file called smb.conf.clientname in /path/to , then the contents of 
>>that will be used instead of what is in the main smb.conf ?
>Not instead of, included at that point.
>>Wouldn't you have to reload the samba config ?
>et voila !
>4114         /* this is needed so that we get decent entries
>4115            in smbstatus for port 445 connects */
>4116         set_remote_machine_name(remaddr, false);
>4117         reload_services(sconn, conn_snum_used, true);
>Remember, Samba is *old* and has many, many
>strange wrinkles that were added a long time
>ago :-).

This "feature" was commonly used a long time
ago to present different shares to different
client machines depending on IP address/name.

More information about the samba mailing list