Martijn Hazenberg
2006-Feb-16 11:41 UTC
[Samba] authenticate a share access to win2k3 server
Hi,
I have a samba server sharing some stuff. Now i want to enable access to
some share only to SOME users on the domain.
this is the smb.conf :
[global]
netbios name = DATASVR
server string = DATASVR
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
workgroup = LOKAAL
os level = 20
winbind enum groups = yes
socket address = 10.0.0.200
password server = *
preferred master = no
winbind separator = +
max log size = 50
log file = /var/log/samba3/log.%m
encrypt passwords = yes
dns proxy = yes
realm = .LOKAAL
security = ADS
wins server = 10.0.0.201
wins proxy = no
[share]
comment = stuff
path = /raid/stuff
writable = yes
read only = no
valid users = user1 user2
I was hoping that when a user selects the above share, they would get a
passwd screen, where they would have to fill in the same passwd as they
use for logging in to their xp machines. What would i need to do to
accomplish this ?
best regards,
Martijn
Martijn Hazenberg
2006-Feb-16 13:54 UTC
[Samba] authenticate a share access to win2k3 server
Hey ! Yes, im in the 2k3 domain. I was under the impression that when i set, security to ads or domain, it would ask the ads or domain server if would be ok. Ive set valid user to user1 for example, knowing that DOMAIN\user1 with correct passwd can login to the domain on the xp machine. I am not too familiar with ldap and stuff. I would just like to disable access to some shares for all users exept a couple. Best regards and thanks a lot for the help !!!! Martijn -----Oorspronkelijk bericht----- Van: Matt Smith [mailto:sysmatt@gmail.com] Verzonden: donderdag 16 februari 2006 13:01 Aan: Martijn Hazenberg Onderwerp: Re: [Samba] authenticate a share access to win2k3 server Hi Martin, Are you in a win2k3 domain? Also, do you want the SAMBA box to auto authenticate using Active directory credentials? Cheers, M. On 2/16/06, Martijn Hazenberg <Martijn@gova.info> wrote:> Hi, > > I have a samba server sharing some stuff. Now i want to enable access > to some share only to SOME users on the domain. > > this is the smb.conf : > > > [global] > netbios name = DATASVR > server string = DATASVR > socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 > idmap uid = 10000-20000 > idmap gid = 10000-20000 > winbind enum users = yes > winbind gid = 10000-20000 > workgroup = LOKAAL > os level = 20 > winbind enum groups = yes > socket address = 10.0.0.200 > password server = * > preferred master = no > winbind separator = + > max log size = 50 > log file = /var/log/samba3/log.%m > encrypt passwords = yes > dns proxy = yes > realm = .LOKAAL > security = ADS > wins server = 10.0.0.201 > wins proxy = no > > [share] > comment = stuff > path = /raid/stuff > writable = yes > read only = no > valid users = user1 user2 > > > I was hoping that when a user selects the above share, they would get > a passwd screen, where they would have to fill in the same passwd as > they use for logging in to their xp machines. What would i need to do > to accomplish this ? > > best regards, > Martijn > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >
Trimble, Ronald D
2006-Feb-16 14:23 UTC
[Samba] authenticate a share access to win2k3 server
I don't understand why you would want to have the user authenticate
again. If they are already signed into your domain and they try to
access a resource they have permission to, it should just let them in.
If they don't have access, it should prompt them for a valid username
and password.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of Martijn Hazenberg
Sent: Thursday, February 16, 2006 6:41 AM
To: samba@lists.samba.org
Subject: [Samba] authenticate a share access to win2k3 server
Hi,
I have a samba server sharing some stuff. Now i want to enable access to
some share only to SOME users on the domain.
this is the smb.conf :
[global]
netbios name = DATASVR
server string = DATASVR
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
workgroup = LOKAAL
os level = 20
winbind enum groups = yes
socket address = 10.0.0.200
password server = *
preferred master = no
winbind separator = +
max log size = 50
log file = /var/log/samba3/log.%m
encrypt passwords = yes
dns proxy = yes
realm = .LOKAAL
security = ADS
wins server = 10.0.0.201
wins proxy = no
[share]
comment = stuff
path = /raid/stuff
writable = yes
read only = no
valid users = user1 user2
I was hoping that when a user selects the above share, they would get a
passwd screen, where they would have to fill in the same passwd as they
use for logging in to their xp machines. What would i need to do to
accomplish this ?
best regards,
Martijn
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Martijn Hazenberg
2006-Feb-16 14:48 UTC
[Samba] authenticate a share access to win2k3 server
Ok,
It must be me being unclear.
Again... Some of the shares are implemented like this :
[share]
comment = share
path = /raid/share
writable = yes
browseable = yes
read only = no
public=yes
This means that everyone that is logged in to the xp machine on the
domain can access the share.
But i have two shares, which should only be available to 2 specific
users on the domain.
Now the question is, what is it i need to do to enable this?
Is this :
[share]
comment = share
path = /raid/share
writable = yes
browseable = yes
read only = no
valid user = domain_user_name
The only thing i need to do then to make it work ?
Best regards,
Martijn
-----Oorspronkelijk bericht-----
Van: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Verzonden: donderdag 16 februari 2006 15:22
Aan: Martijn Hazenberg; samba@lists.samba.org
Onderwerp: RE: [Samba] authenticate a share access to win2k3 server
I don't understand why you would want to have the user authenticate
again. If they are already signed into your domain and they try to
access a resource they have permission to, it should just let them in.
If they don't have access, it should prompt them for a valid username
and password.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of Martijn Hazenberg
Sent: Thursday, February 16, 2006 6:41 AM
To: samba@lists.samba.org
Subject: [Samba] authenticate a share access to win2k3 server
Hi,
I have a samba server sharing some stuff. Now i want to enable access to
some share only to SOME users on the domain.
this is the smb.conf :
[global]
netbios name = DATASVR
server string = DATASVR
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
workgroup = LOKAAL
os level = 20
winbind enum groups = yes
socket address = 10.0.0.200
password server = *
preferred master = no
winbind separator = +
max log size = 50
log file = /var/log/samba3/log.%m
encrypt passwords = yes
dns proxy = yes
realm = .LOKAAL
security = ADS
wins server = 10.0.0.201
wins proxy = no
[share]
comment = stuff
path = /raid/stuff
writable = yes
read only = no
valid users = user1 user2
I was hoping that when a user selects the above share, they would get a
passwd screen, where they would have to fill in the same passwd as they
use for logging in to their xp machines. What would i need to do to
accomplish this ?
best regards,
Martijn
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Parker, Michael
2006-Feb-16 23:07 UTC
[Samba] authenticate a share access to win2k3 server
If I understand what your saying, use a line such as valid user
domain_user_name. If I'm logged in as mdp, but the share requires user
id xyz, the it should prompt you for a password automatically. At least
it does not my shares, but I also don't put in the browseable statement.
-----Original Message-----
From: samba-bounces+michael.parker=lithonia.com@lists.samba.org
[mailto:samba-bounces+michael.parker=lithonia.com@lists.samba.org] On
Behalf Of Martijn Hazenberg
Sent: Thursday, February 16, 2006 9:48 AM
To: Trimble, Ronald D
Cc: samba@lists.samba.org
Subject: RE: [Samba] authenticate a share access to win2k3 server
Ok,
It must be me being unclear.
Again... Some of the shares are implemented like this :
[share]
comment = share
path = /raid/share
writable = yes
browseable = yes
read only = no
public=yes
This means that everyone that is logged in to the xp machine on the
domain can access the share.
But i have two shares, which should only be available to 2 specific
users on the domain.
Now the question is, what is it i need to do to enable this?
Is this :
[share]
comment = share
path = /raid/share
writable = yes
browseable = yes
read only = no
valid user = domain_user_name
The only thing i need to do then to make it work ?
Best regards,
Martijn
-----Oorspronkelijk bericht-----
Van: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Verzonden: donderdag 16 februari 2006 15:22
Aan: Martijn Hazenberg; samba@lists.samba.org
Onderwerp: RE: [Samba] authenticate a share access to win2k3 server
I don't understand why you would want to have the user authenticate
again. If they are already signed into your domain and they try to
access a resource they have permission to, it should just let them in.
If they don't have access, it should prompt them for a valid username
and password.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of Martijn Hazenberg
Sent: Thursday, February 16, 2006 6:41 AM
To: samba@lists.samba.org
Subject: [Samba] authenticate a share access to win2k3 server
Hi,
I have a samba server sharing some stuff. Now i want to enable access to
some share only to SOME users on the domain.
this is the smb.conf :
[global]
netbios name = DATASVR
server string = DATASVR
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
workgroup = LOKAAL
os level = 20
winbind enum groups = yes
socket address = 10.0.0.200
password server = *
preferred master = no
winbind separator = +
max log size = 50
log file = /var/log/samba3/log.%m
encrypt passwords = yes
dns proxy = yes
realm = .LOKAAL
security = ADS
wins server = 10.0.0.201
wins proxy = no
[share]
comment = stuff
path = /raid/stuff
writable = yes
read only = no
valid users = user1 user2
I was hoping that when a user selects the above share, they would get a
passwd screen, where they would have to fill in the same passwd as they
use for logging in to their xp machines. What would i need to do to
accomplish this ?
best regards,
Martijn
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba