samba - Feb 2004 - Samba 2.2.3a + Win 2K

I'm new to the list, so at the begining I'd like to say Hello to all of
You.

I'm using Samba 2.2.3a and rather cannot upgrade it to new version. I want
to set up sambafax (http://www.purpel3.com/sambafax/ ) tool to allow my
windows users to send fax.
Actually my smb.conf looks like this:
security = share
guest ok = true
guest account = test

[printers]
comment = All Printers
path = /var/spool/lpd/lp
browseable = no
printable = yes
public = yes
writeable = no
create mode = 0700
directory = /tmp

[folder]
# shared folder
path = /var/folder
volume = Share
writeable = no
guest ok = true
comment = Shared folder
browseable = yes

...and it's all that I needed till now.
When windows user print on fax printer, he is authenticated as test and
cannot get the notification about his job.
I know that I should change security=user, but the problem is that my
windows users work on terminal servers and are authenticated by radius
server and have dynamic passwords (generated by token).
What should I do to get the correct username, and allow only selected users
to print on that printer.
Best regards
Marcin

On Wed, 2004-02-11 at 19:51, Marcin Wasilewski wrote:
> I'm new to the list, so at the begining I'd like to say Hello to
all of You.
> 
> I'm using Samba 2.2.3a and rather cannot upgrade it to new version.
This is rather a nasty situation, as you will see on our front page,
Samba 2.2.8a was a security release.  Older Samba versions have *nasty*
security problems, and many compatability issues.

As to your problem, this sounds like you want 'security=share', and to
seriously consider what you are asking samba to do, before you write an
smb.conf.  Note that dynamic tokens are probably incompatible with the
CIFS authentication modal.

Why can't you authenticate against what the windows Terminal servers
use, with security=domain?

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040218/25282536/attachment.bin