This is just a quick question, what is the difference between "+" and "@" when using groups for say valid users or write list ex valid users = +staff valid users = @staff -- Kent L. Nasveschuk <kent@wareham.k12.ma.us>
Quoting "Kent L. Nasveschuk kent-at-wareham.k12.ma.us |Samba|" <tjlhhuf76t0t@sneakemail.com>:> This is just a quick question, what is the difference between "+" > and > "@" when using groups for say valid users or write list > > ex > > valid users = +staff > valid users = @staffPer /usr/share/samba/swat/help/smb.conf.5.html (SuSE 9.0)... "A name starting with a '@' is interpreted as an NIS netgroup first (if your system supports NIS), and then as a UNIX group if the name was not found in the NIS netgroup database. A name starting with '+' is interpreted only by looking in the UNIX group database. A name starting with '&' is interpreted only by looking in the NIS netgroup database (this requires NIS to be working on your system). The characters '+' and '&' may be used at the start of the name in either order so the value +&group means check the UNIX group database, followed by the NIS netgroup database, and the value &+group means check the NIS netgroup database, followed by the UNIX group database (the same as the '@' prefix)." HTH Mike -- SuSE 9.0 Pro (2.4.21-192-default) with samba-2.2.8a-107
Help, I cannot seem to beat the password problems on SAMBA. I have tried everything from removing all references to passwords to installing the simplest smb.conf file and I still get a long diatribe about passwords when I run testparm. I can see shares etc and I can run SMBCLIENT and all seems fine. This is a home machine so security is not a problem and if need be I can work the opposite way to high security. Attached are the smb.conf file and the output from testparm and smbclient. I have no root or users passwords anywhere. Any suggestions, remember security is not a problem, it is for storage and testing etc. Thanks John Lewis There are 3 types of people in this world those who can count and those who cant. -------------- next part -------------- added interface ip=192.24.6.130 bcast=192.24.6.255 nmask=255.255.255.0 Anonymous login successful Domain=[HOME] OS=[Unix] Server=[Samba 2.2.8a] Sharename Type Comment --------- ---- ------- homes Disk Home Directories tmp Disk Temporary file space public Disk Public Stuff fredsdir Disk Fred's Service IPC$ IPC IPC Service (Samba 2.2.8a) ADMIN$ Disk IPC Service (Samba 2.2.8a) Server Comment --------- ------- JOHN JOHN LEWIS LEWIS Samba Server Workgroup Master --------- ------- HOME LEWIS -------------- next part -------------- Load smb config files from /etc/samba.d/smb.conf Processing section "[homes]" Global parameter server string found in service section! Global parameter printcap name found in service section! Global parameter load printers found in service section! Global parameter log file found in service section! Global parameter max log size found in service section! Global parameter socket options found in service section! Global parameter interfaces found in service section! Global parameter os level found in service section! Global parameter dns proxy found in service section! Processing section "[homes]" Processing section "[printers]" Processing section "[tmp]" Processing section "[public]" Processing section "[fredsdir]" Processing section "[public]" Processing section "[public]" Loaded services file OK. WARNING: lock directory /var/locks/samba.d should have permissions 0755 for browsing to work Press enter to see a dump of your service definitions # Global parameters [global] coding system = client code page = 850 code page directory = /etc/samba.d/codepages workgroup = HOME netbios name = LEWIS netbios aliases = netbios scope = server string = Samba 2.2.8a interfaces = bind interfaces only = No security = USER encrypt passwords = No update encrypted = No allow trusted domains = Yes hosts equiv = min passwd length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = smb passwd file = /etc/samba.d/smbpasswd root directory = pam password change = No passwd program = /bin/passwd passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = No lanman auth = Yes use rhosts = No admin log = No log level = 0 syslog = 1 syslog only = No log file = max log size = 5000 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 large readwrite = Yes max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes acl compatibility = nt smb support = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts host wins bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max smbd processes = 0 max disk size = 0 max open files = 10000 name cache timeout = 660 read size = 16384 socket options = TCP_NODELAY stat cache size = 50 use mmap = Yes total print jobs = 0 load printers = Yes printcap name = lpstat disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = strip dot = No mangling method = hash character set = mangled stack = 50 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%L\%U\.profiles domain logons = No os level = 20 lm announce = Auto lm interval = 60 preferred master = Auto local master = Yes domain master = Auto browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = wins support = No wins hook = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 add share command = change share command = delete share command = config file = preload = lock dir = /var/locks/samba.d pid directory = /usr/lib/samba/var/locks utmp directory = wtmp directory = utmp = No default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 NIS homedir = No source environment = panic action = hide local users = No host msdfs = No winbind uid = winbind gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 15 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No comment = path = alternate permissions = No username = guest account = nouser invalid users = valid users = admin users = read list = write list = printer admin = force user = force group = read only = Yes create mask = 0744 force create mode = 00 security mask = 0777 force security mode = 00 directory mask = 0755 force directory mode = 00 directory security mask = 0777 force directory security mode = 00 force unknown acl user = 00 inherit permissions = No inherit acls = No guest only = No guest ok = No only user = No hosts allow = hosts deny = status = Yes nt acl support = Yes profile acls = No block size = 1024 max connections = 0 min print space = 0 strict allocate = No strict sync = No sync always = No write cache size = 0 max print jobs = 1000 printable = No postscript = No printing = sysv print command = lp -c -d%p %s; rm %s lpq command = lpstat -o%p lprm command = cancel %p-%j lppause command = lp -i %p-%j -H hold lpresume command = lp -i %p-%j -H resume queuepause command = disable %p queueresume command = enable %p printer name = use client driver = No default devmode = No printer driver = printer driver file = /etc/samba.d/printers.def printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes hide unreadable = No delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes csc policy = manual fake oplocks = No locking = Yes oplocks = Yes level2 oplocks = Yes oplock contention limit = 2 posix locking = Yes strict locking = No share modes = Yes copy = include = exec = preexec close = No postexec = root preexec = root preexec close = No root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filemode = No dos filetimes = No dos filetime resolution = No fake directory create times = No vfs object = vfs options = msdfs root = No [homes] comment = Home Directories guest account = guest read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes [public] comment = Public Stuff path = /usr/john read only = No guest only = Yes guest ok = Yes [fredsdir] comment = Fred's Service path = /usr/somewhere/private valid users = fred read only = No guest ok = Yes
> I cannot seem to beat the password problems on SAMBA. I have tried > everything from removing all references to passwords to installing the > simplest smb.conf file<snip>> Any suggestions, remember security is not a problem, it is for storageand> testing etc.Well, if you truly want to throw security out the window, you probably want security = share instead of security = user ... Connections will be unauthenticated guests ~ Daniel ----------------------------------------------------------------------- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you.