Samba Help

trlists at clayst.com trlists at clayst.com
Sat Mar 8 21:21:24 EST 2003


On 8 Mar 2003 Scott Prive wrote:

> I suggest user, unless you have a high number of Windows accounts.

No, it is only a few accounts.  I'll switch it to user, I was beginning 
to think that would be the right route.  

> > - When a Windows machine connects where does it get the username and
> > password passed to the server?

> It's part of network negotiation. You won't see it unless you turn Samba's
> loglevel up to Debug, or you run a sniffer such as etherreal.

Understood, thanks.  But what value does Windows use for the user name? 
The machine's network name?  The logged on user's name (if there is one 
-- not always true on Win98)?  Something else?

> You mean making a samba password? Yes.

So what I need to do is identify the Windows user names, set up a share 
in smb.conf for each (if I want each to have a private area), or use 
[homes] to do the same thing automatically.  But regardless, [homes] or 
no, I need to create a Linux user, Linux password, and samba password 
for each of them (unless I want to use 'force user').

Any public shares can be set up separately.

Also, my understanding is that if the Windows usernames are not the 
same as the ones I use on the Linux box I can fix that with a username 
map.

Does all that sound right?  If so, one more question -- if I use a 
username map do I use the Windows or Linux user names (i.e. before the 
mapping or after) when setting up user names for individual shares in 
smb.conf.  In other words, if the username map looks like this:

	tom = Thomas
	bill = William

Then do my user directives for the shares use "tom" or Thomas", etc.?

> > - What should the owner and group be for the private directories?  For
> > the public ones?

> Assuming authentication is successful, file access is still restricted by
> permissions on the files. There is an exception to this where Samba can
> bypass standard security, but don't worry about this.

OK, so the private directories can be owned by the individual users and 
I can presumably create a "samba" group to put them in.  I guess I 
could also create a "samba" area 

> Why don't you want to use guest? Just curious.

No reason, just wondering if there were drawbacks to it.  With security 
= user I don't think I'll be using guest anyway, will I?

Thanks for all the help!  Also thanks to Vince for the link to the 
Oreilly online book.

 ----------
 Tom Rawson






More information about the Discuss mailing list