simon ben
2012-Oct-10 20:02 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
Dear All, I have implemented samba to right now in test environment to be implemented in production as? samba file server so far its working grt but I have one issue i have right now one share and want only the users who have access to the share to see it and the others should not when I log into the user who has no access I see the share and when i double click it ask me for username and password googling arround this issuse is solved by using the below in smb.conf file hide dot files = yes hide unreadable = yes in the share definition section. but its still visible security is set as user here the part of my smb.conf ------------------ [kmplan] ??? writeable = yes ??? path = /opt/network/testplan ??? write list = @localgrp ??? revalidate = yes ??????? hide unreadable = yes ??? hide dot files = yes ??? comment = masterplan testing directory ??? valid users = @localgrp ----------------- is there anything i need to set in smb.conf appreciate your help and advice regards simon
Björn JACKE
2012-Oct-10 20:28 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
On 2012-10-10 at 13:02 -0700 simon ben sent off:> i have right now one share and want only the users who have access to the share to see it > and the others should not > > when I log into the user who has no access I see the share and when i double click it ask me for username and password > > googling arround this issuse is solved by using the below in smb.conf file > hide dot files = yes > hide unreadable = yes > in the share definition section. > > but its still visiblecan you please try setting access based share enum = yes ? Cheers Bj?rn -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20121010/986fcdef/attachment.pgp>
Christian Rost
2012-Oct-11 06:06 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
Hi Simon, as far as I know, you can't hide shares with user specific settings. It is not implemented wether in Windows nor in Samba. The only way is to hide the share for all users by adding the "$" at the end of the share name - like [kmplan$]. To limit access to the share you need to set share and corresponding filesystem permissions. Cheers, Christian simon ben <guy20034u at yahoo.com> schrieb:>Dear All, > >I have implemented samba to right now in test environment to be >implemented in production as? samba file server > >so far its working grt > >but I have one issue > >i have right now one share and want only the users who have access to >the share to see it >and the others should not > >when I log into the user who has no access I see the share and when i >double click it ask me for username and password > >googling arround this issuse is solved by using the below in smb.conf >file > hide dot files = yes > hide unreadable = yes >in the share definition section. > >but its still visible > >security is set as user > >here the part of my smb.conf >------------------ >[kmplan] >??? writeable = yes >??? path = /opt/network/testplan >??? write list = @localgrp >??? revalidate = yes >??????? hide unreadable = yes >??? hide dot files = yes >??? comment = masterplan testing directory >??? valid users = @localgrp >----------------- > >is there anything i need to set in smb.conf >appreciate your help and advice > > >regards > >simon-- Dipl.-Ing. Christian Rost roCon - Informationstechnologie Ulmenstra?e 45 44534 L?nen Fon: +49 2306 910 658 Fax: +48 2306 910 664 URL: www.rocon-it.de
simon ben
2012-Oct-11 08:22 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
Dear Bjorn ? I really apprecite your quick reply. by the way I did add the ?access based share enum = yes but when I do a testparm it gives a error ------------------------------- [root at kmshare samba]# testparm /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf Unknown parameter encountered: "access based share enum" Ignoring unknown parameter "access based share enum" Processing section "[homes]" Processing section "[printers]" Processing section "[kmplan]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] ??????? workgroup = MYGROUP ??????? server string = Samba Server Version %v ??????? passdb backend = tdbsam ??????? disable spoolss = Yes ??????? winbind use default domain = Yes ??????? winbind trusted domains only = Yes ??????? cups options = raw [homes] ??????? comment = Home Directories ??????? read only = No ??????? browseable = No [printers] ??????? comment = All Printers ??????? path = /var/spool/samba ??????? printable = Yes ??????? browseable = No [kmplan] ??????? comment = masterplan testing directory ??????? path = /opt/network/testplan ??????? valid users = @localgrp ??????? write list = @localgrp ??????? read only = No ??????? hide unreadable = Yes ??????? hide unwriteable files = Yes ? ------------------------------------ the directory /opt/network/testplan is sahred as kmplan and localgrp has 2 valid users user1 and user2 so if I log in as user1 or user2 kmplan share can be accessed perfectly ? i have a third user user3 and he not belong the localgrp . ? also wanted to mentioned that I have used webmin to create local users and in samba windows file sharing option of webmin==> user and group synchronisation ==> i am using yes for all. that is when a unix user is created automatically add a samba user likewise for groups. ? apprecite your help and advise ? ? regards ? simon --- On Wed, 10/10/12, Bj?rn JACKE <bj at SerNet.DE> wrote: From: Bj?rn JACKE <bj at SerNet.DE> Subject: Re: [Samba] How can I show only the shares that user have access to in SAMBA To: "simon ben" <guy20034u at yahoo.com> Cc: samba at lists.samba.org Date: Wednesday, October 10, 2012, 1:28 PM On 2012-10-10 at 13:02 -0700 simon ben sent off:> i have right now one share and want only the users who have access to the share to see it > and the others should not > > when I log into the user who has no access I see the share and when i double click it ask me for username and password > > googling arround this issuse is solved by using the below in smb.conf file >? hide dot files = yes >? ? ? ???hide unreadable = yes > in the share definition section. > > but its still visiblecan you please try setting ? ? access based share enum = yes ? Cheers Bj?rn
Björn JACKE
2012-Oct-11 09:10 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
On 2012-10-11 at 01:22 -0700 simon ben sent off:> but when I do a testparm it gives a error > ------------------------------- > [root at kmshare samba]# testparm /etc/samba/smb.conf > Load smb config files from /etc/samba/smb.conf > Unknown parameter encountered: "access based share enum" > Ignoring unknown parameter "access based share enum"then your Samba version is too old then. This parameter was introduced with Samba 3.6 I think (maybe 3.5 already). On http://www.enterprisesamba.org you might find recent packages for your distribution that support that feature. Cheers Bj?rn -- SerNet GmbH, Bahnhofsallee 1b, 37081 G?ttingen ? +49-551-370000-0, ? +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20121011/a9272123/attachment.pgp>
simon ben
2012-Oct-11 20:04 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
Dear Bjorn, Indeed so grateful for your quick reply I was indeed using earlier samba actually I just installed it using yum. now I did upgrade samba to recent one samba 3.6.8 and after running the testparm command displayed no errors but still I was not able to achieve my goal as christian mentioned in his reply i do think his mistaken cause there are many guys whos post i see and they have solved it by adding just his 2 below command in their smb.conf file hide unreadable = Yes hide unwriteable files = Yes Is there anything I could look into as I mentioned before I have used webmin to create both local and samba users whos user names are the same and so also groups here below my smb.conf ---- [global] ??????? workgroup = MYGROUP ??????? server string = Samba Server Version %v ??????? disable spoolss = Yes ??????? domain master = No ??????? idmap config * : backend = tdb ??????? cups options = raw [homes] ??????? comment = Home Directories ??????? read only = No ??????? browseable = No [printers] ??????? comment = All Printers ??????? path = /var/spool/samba ??????? printable = Yes ??????? print ok = Yes ??????? browseable = No [kmplan] ??????? comment = masterplan testing directory ??????? path = /opt/network/testplan ??????? valid users = @localgrp ??????? write list = @localgrp ??????? read only = No ? ? ?? hide unreadable = Yes ?????? hide unwriteable files = Yes ??????? access based share enum = Yes also here below are the permissions of /opt/network/testplan directory drwxrws--T 3 root localgrp 4096 Oct 10 19:39 testplan Actually every things works fine what I mean is if I log in as a user who belongs to localgrp I can read/write the kmplan share which is perfect but when i log in as user who does not belong to localgrp i can see the kmplan share although i cannot access it. as christian said i can hide the share but even for valid users the share is hidden n i obviously dont want to hide the share for valid users regards simon --- On Thu, 10/11/12, Bj?rn JACKE <bj at SerNet.DE> wrote: From: Bj?rn JACKE <bj at SerNet.DE> Subject: Re: [Samba] How can I show only the shares that user have access to in SAMBA To: "simon ben" <guy20034u at yahoo.com> Cc: samba at lists.samba.org Date: Thursday, October 11, 2012, 2:10 AM On 2012-10-11 at 01:22 -0700 simon ben sent off:> but when I do a testparm it gives a error > ------------------------------- > [root at kmshare samba]# testparm /etc/samba/smb.conf > Load smb config files from /etc/samba/smb.conf > Unknown parameter encountered: "access based share enum" > Ignoring unknown parameter "access based share enum"then your Samba version is too old then. This parameter was introduced with Samba 3.6 I think (maybe 3.5 already). On http://www.enterprisesamba.org you might find recent packages for your distribution that support that feature. Cheers Bj?rn -- SerNet GmbH, Bahnhofsallee 1b, 37081 G?ttingen ? ? +49-551-370000-0, ? +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen
simon ben
2012-Oct-14 20:46 UTC
[Samba] How can I show only the shares that user have access to in SAMBA
Dear All, For the issue i am having to display shares only to users having access i did come across a article but just wondering what exactly it means ------------ access based share enum (S) If this parameter is yes for a service, then the share hosted by the service will only be visible to users who have read or write access to the share during share enumeration (for example net view \\sambaserver). This has parallels to access based enumeration, the main difference being that only share permissions are evaluated, and security descriptors on files contained on the share are not used in computing enumeration access rights. Default: access based share enum = no ------------ I apprecite if someone could clarify it with example --------- my smb.conf is --------------- .... .... [kmplan] ??????? comment = masterplan testing directory ??????? path = /opt/network/testplan ??????? valid users = @localgrp ??????? write list = @localgrp ??????? read only = No ? ? ?? hide unreadable = Yes ?????? hide unwriteable files = Yes ??????? access based share enum = Yes ------------ want only the users of localgrp to see the share and no others appreciate your kind help regards simon --- On Sat, 10/13/12, simon ben <guy20034u at yahoo.com> wrote: From: simon ben <guy20034u at yahoo.com> Subject: [Samba] How can I show only the shares that user have access to in SAMBA To: samba at lists.samba.org Date: Saturday, October 13, 2012, 1:58 PM Dear All, As I have a issue to display only those shares the users have access too.. i am really trying to find a solution and came across a post http://serverfault.com/questions/144339/hiding-samba-share-from-browse-list-for-unauthorised-users its about the include statement this would exactly achieve my purpose but when I did that as I could put browseable = no in my kmplan section of my smb.conf file and browseable = yes in the include file testparm says Can't find include file /etc/samba/%G.conf i did try with other variables like u or U but its the same Appreciate your help regards simon --- On Thu, 10/11/12, simon ben <guy20034u at yahoo.com> wrote: From: simon ben <guy20034u at yahoo.com> Subject: Re: [Samba] How can I show only the shares that user have access to in SAMBA To: "Bj?rn JACKE" <bj at SerNet.DE> Cc: samba at lists.samba.org Date: Thursday, October 11, 2012, 1:04 PM Dear Bjorn, Indeed so grateful for your quick reply I was indeed using earlier samba actually I just installed it using yum. now I did upgrade samba to recent one samba 3.6.8 and after running the testparm command displayed no errors but still I was not able to achieve my goal as christian mentioned in his reply i do think his mistaken cause there are many guys whos post i see and they have solved it by adding just his 2 below command in their smb.conf file hide unreadable = Yes hide unwriteable files = Yes Is there anything I could look into as I mentioned before I have used webmin to create both local and samba users whos user names are the same and so also groups here below my smb.conf ---- [global] ??????? workgroup = MYGROUP ??????? server string = Samba Server Version %v ??????? disable spoolss = Yes ??????? domain master = No ??????? idmap config * : backend = tdb ??????? cups options = raw [homes] ??????? comment = Home Directories ??????? read only = No ??????? browseable = No [printers] ??????? comment = All Printers ??????? path = /var/spool/samba ??????? printable = Yes ??????? print ok = Yes ??????? browseable = No [kmplan] ??????? comment = masterplan testing directory ??????? path = /opt/network/testplan ??????? valid users = @localgrp ??????? write list = @localgrp ??????? read only = No ? ? ?? hide unreadable = Yes ?????? hide unwriteable files = Yes ??????? access based share enum = Yes also here below are the permissions of /opt/network/testplan directory drwxrws--T 3 root localgrp 4096 Oct 10 19:39 testplan Actually every things works fine what I mean is if I log in as a user who belongs to localgrp I can read/write the kmplan share which is perfect but when i log in as user who does not belong to localgrp i can see the kmplan share although i cannot access it. as christian said i can hide the share but even for valid users the share is hidden n i obviously dont want to hide the share for valid users regards simon --- On Thu, 10/11/12, Bj?rn JACKE <bj at SerNet.DE> wrote: From: Bj?rn JACKE <bj at SerNet.DE> Subject: Re: [Samba] How can I show only the shares that user have access to in SAMBA To: "simon ben" <guy20034u at yahoo.com> Cc: samba at lists.samba.org Date: Thursday, October 11, 2012, 2:10 AM On 2012-10-11 at 01:22 -0700 simon ben sent off:> but when I do a testparm it gives a error > ------------------------------- > [root at kmshare samba]# testparm /etc/samba/smb.conf > Load smb config files from /etc/samba/smb.conf > Unknown parameter encountered: "access based share enum" > Ignoring unknown parameter "access based share enum"then your Samba version is too old then. This parameter was introduced with Samba 3.6 I think (maybe 3.5 already). On http://www.enterprisesamba.org you might find recent packages for your distribution that support that feature. Cheers Bj?rn -- SerNet GmbH, Bahnhofsallee 1b, 37081 G?ttingen ? ? +49-551-370000-0, ? +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions:? https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions:? https://lists.samba.org/mailman/options/samba
Reasonably Related Threads
- FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
- Doubled Quotas on Ubuntu
- DO NOT REPLY [Bug 5183] New: -r --include= --exclude= broken for version>=3.0.0pre5?
- FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
- Installation Samba on RHEL6.4