samba - Oct 2003 - Problem with user level security using [homes]

Hi, I've been trying to setup a "user" only access samba server
for my
customers to publish their websites through instead of ftp.  We
provide for many different networks that are in many domains that we
don't own, so it seems the "user" security model is the only thing
that
would work for us.

However, I've tried many different combinations of restrictions but I
can't find one that will allow a user only to view their own directory,
but NOT view anyone elses using the [homes] option.  It seems that the
%U and %u doesn't work very will using this option.  Does anyone know
if what I'm trying to do is possible using [homes]?  Here's my config:

----------------------------------------------
[global]
netbios name = MYSERVER
server string = "SAMBA TEST SERVER"
workgroup = WORKGROUP
security = user
log level = 10
log file = /var/log/samba.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 
 
[homes]
    browsable = no
    veto files = /*Maildir*/
    delete veto files = no
    writable = yes
    guest ok = no
    only user = yes
    valid users = samba  (*** I'd basically like to use %U ***)
    revalidate = yes
 
----------------------------------------------


Thanks,


-- 
Pete Greenwell 
System Administrator  
Missouri Research and Education Network [MOREnet]  
http://www.more.net

pete@more.net writes:
> [homes]
> ...
>     only user = yes
>     valid users = samba  (*** I'd basically like to use %U ***)
> ...
We use "valid users = %S", as suggested in (among other places) the
"Why Can Users Access Home Directories of Other Users?" section of the
HOWTO at

 http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection.html

Hope this works,
-- 
Brandon Craig Rhodes                         http://www.rhodesmill.org/brandon
Georgia Tech                                            brandon@oit.gatech.edu

I'd like to use Samba to access files on an Internet based server (which
is primarily a web server), from Windows XP clients, over the Internet.

The server is in a data center, the XP machines are on a cable
connection with 1.5Mbps down and 256kbps up. Port 139 is blocked by the
ISP.

I'm looking for help with settings that will optimise Samba for this
application. 

I have a basic configuration, and it is only just usable. The transfer
speed once a file is open is acceptable, but the time it takes for files
to be open for reading and writing is just a little too long (in the
order of a few seconds). This makes a multiple file save that would be
instant to a local HD or local file server take a long time (about 40
seconds for example for 20 files).

I am using stunnel at both ends to get around the port 139 restriction.
Might this be contributing to the slow file open speed? Are there any
better ways to make this connection?

I have disabled the webclient service in XP.

Thanks for any help.

J L