> Message: 16
> From: "Hugo Levasseur" <hugo.levasseur@mcgill.ca>
> To: "Samba Mailing List" <samba@lists.samba.org>
> Subject: about mutiple security levels
> Date: Wed, 12 Sep 2001 19:52:03 -0400
>
> in the samba docs I find
> "It is possible to use smbd in a hybrid mode where it is offers both
> user and share level security under different
> <http://ca.samba.org/samba/docs/man/smb.conf.5.html#NETBIOSALIASES>
> NetBIOS aliases"
>
> no clue aas to how to do this though .. anyone know?
The way that I have achieved this using FreeBSD is as follows given the
following information.
Original IP Address: 192.168.200.10
Original Hostname: tarja
1. Created a new IP alias for the machine
(ifconfig <interface> alias 192.168.200.20 netmask 0xffffffff)
2. Created a DNS entry for the new alias (which I called swserver)
which means that the one machine now has two ip addresses
and two separate hostnames which nicely resolve via DNS.
3. Made my root 'smb.conf' look a bit like this:
[global]
<global stuff ... snip>
netbios aliases = tarja swserver
include = /usr/local/etc/samba/smb.global.%L
4. Created the two additional 'configuration' files as follows:
smb.global.swserver:
encrypt passwords = yes
security = share
[netapps]
path = /data/netapps
writeable = yes
public = yes
force user = nobody
force group = nobody
<additional shares ... snip>
smb.global.tarja:
encrypt passwords = yes
security = user
[data]
path = /data
writeable = yes
public = no
<additional shares ... snip>
The end result is that if I use this from the <start><run> box from
a W2k
client:
\\tarja\data
It is using user level security.
If I call the same machine though with this
\\swserver\netapps
It behaves entirely differently in that it uses share level
security (and offers up different shares).