Question 1: Is there a way to keep an authentication to a Samba share from lasting indefinitely? I am implementing a Linux file server for a network of machines all running Windows 98 SE. (Redhat 9, Samba 2.2.7a, share-level security.) Once a user provides a valid password and connects to a Samba share, Samba allows that client machine to access that share indefinitely. In our office each machine may not be used by the same user every day. If Joe connects to a Samba share on Monday by providing the proper password, then Mary uses that client machine on Tuesday, she will have access to the share without needing the password. Is there a way to make Samba ask for the password again? Initially I thought I could just set the deadtime and keepalive options so the connection would be terminated if it is not used for a while. But apparently Windows just autoreconnects. I tried restarting the Samba service but that doesn't work either. Even "smbcontrol smbd close-share * " doesn't prevent autoreconnection. In the O'Reilly book "Using Samba" (second edition) the section on Share-Level Security mentions a REVALIDATE=YES option which I thought might be relevant. However testparm identifies this as an "unknown parameter". (BTW, revalidate does not appear in the index nor in the Configuration Option appendix of the second edition, so I suspect this is a deprecated option, although it was not removed from the text.) Related, but slightly different Question 2: Is there a way for a user on a Windows client to get Samba to ask for a new password? Suppose I have a share such as: [data] path = /var/project1/data username = mary, admin read only = yes write list = admin If mary connects to the share, then asks me to come assist her and I need to write to the share from the Windows machine she is using, how can I terminate her authentication so I can connect with my password and get write privileges? I'm new at this, so if any of my terminology is not right please let me know so I can get it right next time. Doc Dawson Longwood Family Medicine Longwood, Florida doc@dawson.cc
Very interesting question, I am interested in knowing this as well. On Wednesday 08 October 2003 00:21, Doc Dawson wrote:> Question 1: Is there a way to keep an authentication to a Samba share from > lasting indefinitely? > > I am implementing a Linux file server for a network of machines all running > Windows 98 SE. (Redhat 9, Samba 2.2.7a, share-level security.) Once a > user provides a valid password and connects to a Samba share, Samba allows > that client machine to access that share indefinitely. > In our office each machine may not be used by the same user every day. If > Joe connects to a Samba share on Monday by providing the proper password, > then Mary uses that client machine on Tuesday, she will have access to the > share without needing the password. Is there a way to make Samba ask for > the password again? > > Initially I thought I could just set the deadtime and keepalive options so > the connection would be terminated if it is not used for a while. But > apparently Windows just autoreconnects. > I tried restarting the Samba service but that doesn't work either. > Even "smbcontrol smbd close-share * " doesn't prevent autoreconnection. > In the O'Reilly book "Using Samba" (second edition) the section on > Share-Level Security mentions a REVALIDATE=YES option which I thought might > be relevant. However testparm identifies this as an "unknown > parameter". (BTW, revalidate does not appear in the index nor in the > Configuration Option appendix of the second edition, so I suspect this is a > deprecated option, although it was not removed from the text.) > > > Related, but slightly different > Question 2: Is there a way for a user on a Windows client to get Samba to > ask for a new password? > > Suppose I have a share such as: > [data] > path = /var/project1/data > username = mary, admin > read only = yes > write list = admin > If mary connects to the share, then asks me to come assist her and I need > to write to the share from the Windows machine she is using, how can I > terminate her authentication so I can connect with my password and get > write privileges? > > > I'm new at this, so if any of my terminology is not right please let me > know so I can get it right next time. > > > Doc Dawson > Longwood Family Medicine > Longwood, Florida > doc@dawson.cc
Hi Doc First yuo update your samba to last 2.2.8... from samba binary ftp for Redhat9. Second your problem with share level security. When your users Joe not logout when end work and user Mary then work with PC then no way to protect your system! First yuo learn about login logout feature of Windows network an afther this you set samba to user level security this is best choice for all. If you dont need domain then config user security is very simple set this on smb.conf and restart samba create user joe and mary on redhat then run smbpasswd -a joe and repeat mary with set pass. And on windows login with this settings and logout afther end work. Bye. ----- Original Message ----- From: "Doc Dawson" <doc@dawson.cc> To: <samba@lists.samba.org> Sent: Wednesday, October 08, 2003 5:21 AM Subject: [Samba] limiting authentication duration> Question 1: Is there a way to keep an authentication to a Samba share from > lasting indefinitely? > > I am implementing a Linux file server for a network of machines allrunning> Windows 98 SE. (Redhat 9, Samba 2.2.7a, share-level security.) Once a > user provides a valid password and connects to a Samba share, Samba allows > that client machine to access that share indefinitely. > In our office each machine may not be used by the same user every day. If > Joe connects to a Samba share on Monday by providing the proper password, > then Mary uses that client machine on Tuesday, she will have access to the > share without needing the password. Is there a way to make Samba ask for > the password again? > > Initially I thought I could just set the deadtime and keepalive options so > the connection would be terminated if it is not used for a while. But > apparently Windows just autoreconnects. > I tried restarting the Samba service but that doesn't work either. > Even "smbcontrol smbd close-share * " doesn't prevent autoreconnection. > In the O'Reilly book "Using Samba" (second edition) the section on > Share-Level Security mentions a REVALIDATE=YES option which I thoughtmight> be relevant. However testparm identifies this as an "unknown > parameter". (BTW, revalidate does not appear in the index nor in the > Configuration Option appendix of the second edition, so I suspect this isa> deprecated option, although it was not removed from the text.) > > > Related, but slightly different > Question 2: Is there a way for a user on a Windows client to get Samba to > ask for a new password? > > Suppose I have a share such as: > [data] > path = /var/project1/data > username = mary, admin > read only = yes > write list = admin > If mary connects to the share, then asks me to come assist her and I need > to write to the share from the Windows machine she is using, how can I > terminate her authentication so I can connect with my password and get > write privileges? > > > I'm new at this, so if any of my terminology is not right please let me > know so I can get it right next time. > > > Doc Dawson > Longwood Family Medicine > Longwood, Florida > doc@dawson.cc > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba
Apparently Analagous Threads
- forward stepwise regression using Mallows Cp
- possible bug in merge with duplicate blank names in 'by' field.
- Cook-distance-type plot (vertical bars)
- version stamp details missing on current checkout
- LDA in R: how to extract full equation, especially constant term