Date: Mon, 10 Jan 2000 05:20:17 -0500 From: Walter Brameld <brameld@twave.net> To: David Daugherty <davidd@cc.wwu.edu> Cc: "Freebsd-Questions@Freebsd. Org" <freebsd-questions@freebsd.org> Subject: Re: Samba access rights Message-ID: <3879B261.A14B9646@twave.net> References: <NDBBIONPPMKKLGFBGEGPEEDECEAA.davidd@cc.wwu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
The only thing I can think of that may be causing you problems is if SAMBA is
not set to deal with encrypted passwords. I've pasted the pertinent information
at the bottom of this message.
Also, shouldn't you be labelling the section [user] rather than [usersdir] ?
David Daugherty wrote:
> I can only connect to my samba server (2.0.5) using root access. I'm unable
> to connect using any other logins. In my smb.conf I have:
> [usersdir]
> comment = user's connection
> path = /home/user
> valid users = user
> public = no
> writeable = yes
> printable = no
>
> I have one of these blocks for each user I'm trying to give access to. Also,
> when I map to the samba server as root I can see each of the /home/user
> shares. What am I doing wrong here?
>
> David
> davidd@cc.wwu.edu
> Washington State Resident
> ICQ 21106702
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
6.1 Users and Groups
Before we start, we need to warn you up front that if you are connecting
to Samba with a Windows 98 or NT 4.0
Workstation SP3, you need to configure your server for encrypted passwords
before you can make a connection; otherwise,
the clients will refuse to connect to the Samba server. This is because
each of those Windows clients sends encrypted
passwords, and Samba needs to be configured to expect and decrypt them.
We'll show you how to set up Samba for this
task later in the chapter, assuming you haven't already tackled this
problem in Chapter 2, Installing Samba on a Unix
System.
Let's start with a single user. The easiest way to set up a client user is
to create a Unix account (and home directory) for
that individual on the server, and notify Samba of the user's existence.
You can do the latter by creating a disk share that
maps to the user's home directory in the Samba configuration file, and
restricting access to that user with the valid users
option. For example:
[dave]
path = /home/dave
comment = Dave's home directory
writeable = yes
valid users = dave
The valid users option lists the users that will be allowed to access the
share. In this case, only the user dave is allowed to
access the share. In the previous chapters, we specified that any user
could access a disk share using the guest ok
parameter. Because we don't wish to allow guest access, that option is
absent here. We could grant both authenticated
users and guest users access to a specific share if we wanted to. The
difference between the two typically involves access
rights for each of the files.
Remember that you can abbreviate the user's home directory by using the %H
variable. In addition, you can use the Unix
username variable %u and/or the client username variable %U in your
options as well. For example :
[dave]
comment = %U home directory
writeable = yes
valid users = dave
path = %H
Both of these examples work as long as the Unix user that Samba uses to
represent the client has read/write access to the
directory referenced by the path option. In other words, a client must
first pass Samba's security mechanisms (e.g.,
encrypted passwords, the valid users option, etc.) as well as the normal
Unix file and directory permissions of its
Unix-side user before it can gain read/write access to a share.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3879B261.A14B9646>