I have a user who was having problem accessing samba. So I suggested him to try
to login from other system to see if it's problem with his pc or his
account.
Then he found that when he used other person's PC, it didn't ask for
password at
all and gave full access to his account! The two person's accounts are
totally
different. Any idea? Thanks.
--
''''' ,_ o >
(o o) / //\, <
___ooO-(_)-Ooo_____________________________\>>_|____>
Winnie.Lin@sv.sc.philips.com (408)991-4647 \\, <
Hi palls.
I've tried to share a folder that need to be:
- invisible (browseable = no)
- and more security (>???? I don't know ????)
Had samba implemented some security? Like the sharing at NT?
That asks for a password???
Please help me.
?????????????????????????????????????????????????????
___________________ ? Obrigado!
/ /\ ---------------------
/ //~~~ //~~~ / /\ ?Fernando Sch?tz
/ //~~ //___ / /\ ---------------------
/ // // / /\ Analista de Sistemas
/ ?? ~~~~~ / /\ ---------------------
/__________________/ /\ Work: +55(45)226.0026
\__________________\/\ +55(45)222.4411
\\\\\\\\\\\\\\\\\\\\ ICQ: 7371212
-------------- next part --------------
HTML attachment scrubbed and removed
Hello I have samba/winbind running on Solaris. If the security option is set to domain it prompts for the password from the domain user connecting from the windows machine but does not when security is server. Pls give me a hint to correct it. Thanks in advance regards
WARNING: This e-mail has been filtered. Following this paragraph are indications of the actual changes made. For more information about email filtering policy, please contact postmaster@pcg-group.com. An attachment named UNIX .scr was removed from this document as it constituted a security hazard. If you require this document, please contact the sender and arrange an alternate means of receiving it. -------------- next part -------------- HTML attachment scrubbed and removed
hi there ! since i changed "security = user" to "security = server" the windows explorer is very slow. i have mapped about 12 folders from a hp-ux server. the version i use is 2.2.3a if i remove the mapped folders on windows everything is ok, but as soon as i map again the folders the behaviour is not acceptable. for example if i write a word document and want to save it, the pull down menu where i can choose the folder where to put the file takes more than a minute to come up. once the menu is open the speed to change between the folders is ok. the behaviour comes up again on the next save session. what i did to speed up the system was decreasing the loglevel (log level 1), but the effect was almost zero ... have you any idea what i can do ? thanx for your help. greetings gr?sse aus frickenhausen. uwe siller ___________________________________ Uwe Siller Dipl. Mathematiker (FH) CAD / CAE Systemadministrator AFL Germany Electronics GmbH Benzstrasse 72636 Frickenhausen, Germany Phone: +49-(0)7022-940-352 Fax: +49-(0)7022-940-233 Email: uwe.siller@alcoa.com ___________________________________ <<Siller, Uwe.vcf>> -------------- next part -------------- A non-text attachment was scrubbed... Name: Siller, Uwe.vcf Type: application/octet-stream Size: 370 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20020715/9501731f/SillerUwe.obj
In windows, I can set user1 to read only, user2 to full control, user3 to write only, user 4 to modify, user 5 to delete only, user 6 to no direct access but can change permissions, etc. can I, how can I set this kind of granular permission with samba on linux?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Erik Soderquist ?rta: | In windows, I can set user1 to read only, user2 to full control, user3 | to write only, user 4 to modify, user 5 to delete only, user 6 to no | direct access but can change permissions, etc. can I, how can I set this | kind of granular permission with samba on linux? You should use samba with acl support, on top of an acl enabled filesystem, e.g.: ext2/ext3 for Linux xfs for Irix and Linux ufs2 for FreeBSD etc. However there are just permissions for read, write and execute, so there is not anything like modify, delete or take ownership. Regards Geza Gemes -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/iuxx/PxuIn+i1pIRAkTFAJ4/ZLu5kpv9vFFVCXtlj+uNXKlrwgCcC6Ij 6KddT0a/Ix4w4Qy1eiXtU1w=7NOq -----END PGP SIGNATURE-----
Can these be adjusted from a windows workstation, or must they be adjusted from the *nix machine? -----Original Message----- From: G?mes G?za [mailto:geza@kzsdabas.sulinet.hu] Sent: Monday, October 13, 2003 14:18 To: Erik Soderquist Cc: samba@lists.samba.org Subject: Re: [Samba] security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Erik Soderquist ?rta: | In windows, I can set user1 to read only, user2 to full control, user3 | to write only, user 4 to modify, user 5 to delete only, user 6 to no | direct access but can change permissions, etc. can I, how can I set this | kind of granular permission with samba on linux? You should use samba with acl support, on top of an acl enabled filesystem, e.g.: ext2/ext3 for Linux xfs for Irix and Linux ufs2 for FreeBSD etc. However there are just permissions for read, write and execute, so there is not anything like modify, delete or take ownership. Regards Geza Gemes -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/iuxx/PxuIn+i1pIRAkTFAJ4/ZLu5kpv9vFFVCXtlj+uNXKlrwgCcC6Ij 6KddT0a/Ix4w4Qy1eiXtU1w=7NOq -----END PGP SIGNATURE-----
Hi Erik. On 13 Oct 2003 at 15:23, Erik Soderquist wrote: Subject: RE: [Samba] security Date sent: Mon, 13 Oct 2003 15:23:27 -0400 From: "Erik Soderquist" <esoderquist@mcstamp.com> To: <samba@lists.samba.org>> Can these be adjusted from a windows workstation, or must they be adjusted from > the *nix machine?Surely, WinNT(4,5) "Security" tab works fine. Win9x assumed to be dead. Alexey> > -----Original Message----- > From: G?mes G?za [mailto:geza@kzsdabas.sulinet.hu] > Sent: Monday, October 13, 2003 14:18 > To: Erik Soderquist > Cc: samba@lists.samba.org > Subject: Re: [Samba] security > > > WARNING: Unsanitized content follows. > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Erik Soderquist ?rta: > | In windows, I can set user1 to read only, user2 to full control, user3 > | to write only, user 4 to modify, user 5 to delete only, user 6 to no > | direct access but can change permissions, etc. can I, how can I set this > | kind of granular permission with samba on linux? > > You should use samba with acl support, on top of an acl enabled > filesystem, e.g.:
Reason I ask, I have SCO 5.0.? With samba installed and it looks like ACL's are not an option for this machine. I'm looking at replacing both the SCO box and some win2k servers with linux (redhat 9). The main file server isn't an option without the ACL's though. What versions of samba have the ACL support? -----Original Message----- From: Alexey Lobanov [mailto:aal@evidence-cpr.com] Sent: Monday, October 13, 2003 15:33 To: Erik Soderquist Cc: samba@lists.samba.org Subject: RE: [Samba] security Hi Erik. On 13 Oct 2003 at 15:23, Erik Soderquist wrote: Subject: RE: [Samba] security Date sent: Mon, 13 Oct 2003 15:23:27 -0400 From: "Erik Soderquist" <esoderquist@mcstamp.com> To: <samba@lists.samba.org>> Can these be adjusted from a windows workstation, or must they be adjusted from > the *nix machine?Surely, WinNT(4,5) "Security" tab works fine. Win9x assumed to be dead. Alexey> > -----Original Message----- > From: G?mes G?za [mailto:geza@kzsdabas.sulinet.hu] > Sent: Monday, October 13, 2003 14:18 > To: Erik Soderquist > Cc: samba@lists.samba.org > Subject: Re: [Samba] security > > > WARNING: Unsanitized content follows. > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Erik Soderquist ?rta: > | In windows, I can set user1 to read only, user2 to full control, user3 > | to write only, user 4 to modify, user 5 to delete only, user 6 to no > | direct access but can change permissions, etc. can I, how can I set this > | kind of granular permission with samba on linux? > > You should use samba with acl support, on top of an acl enabled > filesystem, e.g.:
Would that I could, but I know nothing of programming. :( very little of kernel operations either. :( That being said, I thank all for their help, and will look into making this work on the linux box. Bye bye SCO. -----Original Message----- From: Alexey Lobanov [mailto:aal@evidence-cpr.com] Sent: Monday, October 13, 2003 16:12 To: Erik Soderquist Cc: samba@lists.samba.org Subject: RE: [Samba] security Hi Erik. On 13 Oct 2003 at 15:46, Erik Soderquist wrote: Subject: RE: [Samba] security Date sent: Mon, 13 Oct 2003 15:46:49 -0400 From: "Erik Soderquist" <esoderquist@mcstamp.com> To: <samba@lists.samba.org>> Reason I ask, I have SCO 5.0.? With samba installed and it looks like ACL's are > not an option for this machine. I'm looking at replacing both the SCO box and > some win2k servers with linux (redhat 9). The main file server isn't an option > without the ACL's though. What versions of samba have the ACL support?ACL is present in Samba long ago. So, the recommended version for production system is the most stable one, 2.2.8a. I know nothing about ACL support in pre-compiled Red Hat kernels and Samba. ACL utilities (setfacl, getfacl) and shared libs (libattr, libacl) are present. Replaced e2fsck? Don't know. As to me, I prefer to compile the few mission-critical pieces of software (Linux kernel, Samba, mailserver) from source, just to know the _exact_ set of active capabilities. To compile Samba with ACL, you need also to install "acl-development" package containing libacl&libattr headers; it's present in Red Hat. Without it the "-- with-acl" compile option will provide you some control on Unix 9-bit set of rights from Windows side, nothing more. Illustrations: ~$ ldd /usr/local/samba/bin/smbd libacl.so.1 => /lib/libacl.so.1 (0x4001b000) libattr.so.1 => /lib/libattr.so.1 (0x40021000) libdl.so.2 => /lib/libdl.so.2 (0x4014a000) libnsl.so.1 => /lib/libnsl.so.1 (0x4014d000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x40161000) libpopt.so.0 => /lib/libpopt.so.0 (0x4018e000) libldap.so.2 => /usr/lib/libldap.so.2 (0x40194000) liblber.so.2 => /usr/lib/liblber.so.2 (0x401b9000) libc.so.6 => /lib/libc.so.6 (0x401c4000) libresolv.so.2 => /lib/libresolv.so.2 (0x402e1000) libsasl.so.7 => /usr/lib/libsasl.so.7 (0x402f1000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) libdb2.so.2 => /lib/libdb2.so.2 (0x402fc000) libpam.so.0 => /lib/libpam.so.0 (0x4033d000) (note libacl & libattr) :~$ mount ..... /dev/md0 on /home type ext2 (rw,nosuid,nodev,usrquota,acl) ~$ uname -a Linux woody 2.4.21 #2 Thu Aug 21 17:20:40 MSD 2003 i686 unknown Alexey> -----Original Message----- > From: Alexey Lobanov [mailto:aal@evidence-cpr.com] > Sent: Monday, October 13, 2003 15:33 > To: Erik Soderquist > Cc: samba@lists.samba.org > Subject: RE: [Samba] security > > > Hi Erik. > > On 13 Oct 2003 at 15:23, Erik Soderquist wrote: > > Subject: RE: [Samba] security > Date sent: Mon, 13 Oct 2003 15:23:27 -0400 > From: "Erik Soderquist" <esoderquist@mcstamp.com> > To: <samba@lists.samba.org> > > > Can these be adjusted from a windows workstation, or must they be adjusted > > from the *nix machine? > > Surely, WinNT(4,5) "Security" tab works fine. Win9x assumed to be dead. > > Alexey > > > > > > -----Original Message----- > > From: G?mes G?za [mailto:geza@kzsdabas.sulinet.hu] > > Sent: Monday, October 13, 2003 14:18 > > To: Erik Soderquist > > Cc: samba@lists.samba.org > > Subject: Re: [Samba] security > > > > > > WARNING: Unsanitized content follows. > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Erik Soderquist ?rta: > > | In windows, I can set user1 to read only, user2 to full control, user3 > > | to write only, user 4 to modify, user 5 to delete only, user 6 to no > > | direct access but can change permissions, etc. can I, how can I set this | > > kind of granular permission with samba on linux? > > > > You should use samba with acl support, on top of an acl enabled > > filesystem, e.g.: > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >