Samba and Windows user ids

[me-5yx05kfkO/aqeI1yJSURBw at public.gmane.org (Matthew Gillen)]

On 04/24/2010 05:18 PM, Jerry Feldman wrote:
> At work, I export our home directories as well as a few others. I'm
> using NIS for password management on RHEL 5.2. Normally when a Windows
> user creates a file, the user id is changed to nobody. This was fine for
> me since most Windows users were simply viewing files, but one of my
> coworkers now wants to be able to update files in his home directory,
> and if windows wants to update an existing file, he will have problems
> as well as when he logs into Linux.  Since we only have 6 people in the
> office and only 1 person who currently wants to be able to modify files
> on both Linux and Windows, I'd like a fairly simple solution. Would
> something like "Share-level" security work where it would require users
> to enter their password to obtain their home directory. Other
> directories would continue to use 'User-level' security.

For his directory, you could create a special share, and use 'force user'.
Something like this:
[jamesbond]
   path = /home/jbond
   validusers = jbond
   force user = jbond
   read only = no

A better solution would be to check your smbusers to ensure that everyone's
windows username maps to their unix username (if they're not in there, I
think it default maps to 'nobody').  That should solve the problem for
everyone (assuming you're already forcing them to use a username/password to
access the shares, then you shouldn't have to change anything w.r.t.
share-level vs. user-level security).

HTH,
Matt