2015-11-04 19:43 GMT+08:00 Rowland Penny <rowlandpenny241155 at gmail.com>:> On 04/11/15 11:33, Roger Wu wrote: > >> >> >> 2015-11-04 18:41 GMT+08:00 Rowland Penny <rowlandpenny241155 at gmail.com >> <mailto:rowlandpenny241155 at gmail.com>>: >> >> >> On 04/11/15 10:28, Roger Wu wrote: >> >> >> >> >> OK, you seem to be trying to set up a standalone server, >> you do >> realise that you will need to create your users on this as >> well as >> on the windows machines. >> >> >> yes, but I hope samba can use NIS authentication instead of >> using it's own database. >> Do I need to use smbpasswd to create user accounts again? It's >> against what I need... >> >> >> Well, as I don't know what you what, I can only advise on what I >> see, and I see you trying to setup a standalone server. >> >> >> You might as well remove these lines, they are the defaults: >> >> security = USER >> passdb backend = tdbsam >> >> >> Don't I need to set the security level? >> >> >> You don't need them because they are the *default* settings. >> >> >> You might as well remove this line, it isn't needed on a >> standalone server: >> >> idmap config * : backend = tdb >> >> I didn't set these parameters. They are reported by testparm >> command. >> >> >> Don't post a smb.conf from testparm without saying so, this is >> probably why you are getting the other two lines above, testparm >> shows *all* lines in smb.conf, the ones you added *and* the >> default ones. >> >> >> >> I think you are going to have to tell us just what you are trying >> to achieve. Also if your windows machines are part of a domain. >> >> Rowland >> >> Please pardon me for poor English. I tried to describe what I want as >> clear as I can. >> My goal is to make our users can access their own workstation account and >> personal files from windows XP/7. >> So, it seems to me that if I can setup a samba server and let users login >> from windows using NIS authentication, >> that would be perfect, then I don't need to create smb accounts again. >> > > OK, what you are trying to do is possible, but before we can help you, we > need just a little more information. > How many users and workstations do you have? > Do you have any Unix Workstations? > > You should never apologise for poor English, I do not know what your > language is, but I can guarantee I don't speak it, I only speak English :-) > > RowlandThanks for your kindness. We do have Unix/Linux Workstations, I'm not really sure how many machines we have, maybe around 30 with different domains. But I believe only few persons need samba service, it will be less than 20. Does that matter? Roger> > > The only thing a user needs to do is to explore the link such as >> \\testcad16\<user_account>, then one can access his own >> workstation account and files. >> >> In such case, how should I do to achieve my goal? >> I've been tried many samba versions, and each version seems to have mild >> difference while setting smb.conf. >> some parameters work and some don't for one version, but maybe stands in >> opposite for another. >> I am kind of confused which parameters are what I need. >> >> >> > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 04/11/15 12:58, Roger Wu wrote:> > > 2015-11-04 19:43 GMT+08:00 Rowland Penny <rowlandpenny241155 at gmail.com > <mailto:rowlandpenny241155 at gmail.com>>: > > On 04/11/15 11:33, Roger Wu wrote: > > > > 2015-11-04 18:41 GMT+08:00 Rowland Penny > <rowlandpenny241155 at gmail.com > <mailto:rowlandpenny241155 at gmail.com> > <mailto:rowlandpenny241155 at gmail.com > <mailto:rowlandpenny241155 at gmail.com>>>: > > > On 04/11/15 10:28, Roger Wu wrote: > > > > > OK, you seem to be trying to set up a standalone > server, > you do > realise that you will need to create your users on > this as > well as > on the windows machines. > > > yes, but I hope samba can use NIS authentication > instead of > using it's own database. > Do I need to use smbpasswd to create user accounts > again? It's > against what I need... > > > Well, as I don't know what you what, I can only advise on > what I > see, and I see you trying to setup a standalone server. > > > You might as well remove these lines, they are the > defaults: > > security = USER > passdb backend = tdbsam > > > Don't I need to set the security level? > > > You don't need them because they are the *default* settings. > > > You might as well remove this line, it isn't > needed on a > standalone server: > > idmap config * : backend = tdb > > I didn't set these parameters. They are reported by > testparm > command. > > > Don't post a smb.conf from testparm without saying so, this is > probably why you are getting the other two lines above, > testparm > shows *all* lines in smb.conf, the ones you added *and* the > default ones. > > > > I think you are going to have to tell us just what you are > trying > to achieve. Also if your windows machines are part of a > domain. > > Rowland > > Please pardon me for poor English. I tried to describe what I > want as clear as I can. > My goal is to make our users can access their own workstation > account and personal files from windows XP/7. > So, it seems to me that if I can setup a samba server and let > users login from windows using NIS authentication, > that would be perfect, then I don't need to create smb > accounts again. > > > OK, what you are trying to do is possible, but before we can help > you, we need just a little more information. > How many users and workstations do you have? > Do you have any Unix Workstations? > > You should never apologise for poor English, I do not know what > your language is, but I can guarantee I don't speak it, I only > speak English :-) > > Rowland > > > Thanks for your kindness. We do have Unix/Linux Workstations, I'm not > really sure how many machines we have, > maybe around 30 with different domains. > But I believe only few persons need samba service, it will be less > than 20. > Does that matter? > >Doh! now you have raised more questions :-D First, the more users that you have, the harder it gets to maintain them in a workgroup, about 8 users is the maximum from my experience. Some of them will never use more than one machine, but most will move from one machine to another and so they will have to have login details on *all* machines they will log into. This is where a domain comes in, you create the user in one place and the user can then login everywhere. Now we come to the new questions, will the Unix machines need to be part of the domain ? You mention that they are in different domains, do you mean domains or do you mean workgroups? Are any machines in a windows domain already? Finally, if you cannot set up a new domain, do your users need to own files on your samba server or do they just need to read & store files on the samba server. Rowland
2015-11-04 21:42 GMT+08:00 Rowland Penny <rowlandpenny241155 at gmail.com>:> On 04/11/15 12:58, Roger Wu wrote: > >> >> >> 2015-11-04 19:43 GMT+08:00 Rowland Penny <rowlandpenny241155 at gmail.com >> <mailto:rowlandpenny241155 at gmail.com>>: >> >> On 04/11/15 11:33, Roger Wu wrote: >> >> >> >> 2015-11-04 18:41 GMT+08:00 Rowland Penny >> <rowlandpenny241155 at gmail.com >> <mailto:rowlandpenny241155 at gmail.com> >> <mailto:rowlandpenny241155 at gmail.com >> >> <mailto:rowlandpenny241155 at gmail.com>>>: >> >> >> On 04/11/15 10:28, Roger Wu wrote: >> >> >> >> >> OK, you seem to be trying to set up a standalone >> server, >> you do >> realise that you will need to create your users on >> this as >> well as >> on the windows machines. >> >> >> yes, but I hope samba can use NIS authentication >> instead of >> using it's own database. >> Do I need to use smbpasswd to create user accounts >> again? It's >> against what I need... >> >> >> Well, as I don't know what you what, I can only advise on >> what I >> see, and I see you trying to setup a standalone server. >> >> >> You might as well remove these lines, they are the >> defaults: >> >> security = USER >> passdb backend = tdbsam >> >> >> Don't I need to set the security level? >> >> >> You don't need them because they are the *default* settings. >> >> >> You might as well remove this line, it isn't >> needed on a >> standalone server: >> >> idmap config * : backend = tdb >> >> I didn't set these parameters. They are reported by >> testparm >> command. >> >> >> Don't post a smb.conf from testparm without saying so, this is >> probably why you are getting the other two lines above, >> testparm >> shows *all* lines in smb.conf, the ones you added *and* the >> default ones. >> >> >> >> I think you are going to have to tell us just what you are >> trying >> to achieve. Also if your windows machines are part of a >> domain. >> >> Rowland >> >> Please pardon me for poor English. I tried to describe what I >> want as clear as I can. >> My goal is to make our users can access their own workstation >> account and personal files from windows XP/7. >> So, it seems to me that if I can setup a samba server and let >> users login from windows using NIS authentication, >> that would be perfect, then I don't need to create smb >> accounts again. >> >> >> OK, what you are trying to do is possible, but before we can help >> you, we need just a little more information. >> How many users and workstations do you have? >> Do you have any Unix Workstations? >> >> You should never apologise for poor English, I do not know what >> your language is, but I can guarantee I don't speak it, I only >> speak English :-) >> >> Rowland >> >> >> Thanks for your kindness. We do have Unix/Linux Workstations, I'm not >> really sure how many machines we have, >> maybe around 30 with different domains. >> But I believe only few persons need samba service, it will be less than >> 20. >> Does that matter? >> >> >> > Doh! now you have raised more questions :-D > > First, the more users that you have, the harder it gets to maintain them > in a workgroup, about 8 users is the maximum from my experience. Some of > them will never use more than one machine, but most will move from one > machine to another and so they will have to have login details on *all* > machines they will log into. This is where a domain comes in, you create > the user in one place and the user can then login everywhere. >I don't really get it. Maybe I misinterpret what you said. If our samba server works, users only want to access samba service using their own PC, that's what they need, they are not allowed to use others' PCs but their own. And yes, users can move from one machine to another, that's how a domain works, but we don't need to provide samba service between Workstation, only one way access from PCs to Workstations is needed for users. I am not worried about users limitation, it's just as I said that not so many users need this service. If so, I'll figure it out.> > Now we come to the new questions, will the Unix machines need to be part > of the domain ? >What do you mean "to be part of the domain"? We have unix/linux machines in each NIS domain, they are a part of their domain. Could you define your question more precisely?> You mention that they are in different domains, do you mean domains or do > you mean workgroups? >What I mean is NIS domain. We have three different domains, so I plan to start up one samba server for each domain separately As for workgroup, we only have one workgroup for windows, so it won't be an issue.> Are any machines in a windows domain already? >No.> Finally, if you cannot set up a new domain, do your users need to own > files on your samba server or do they just need to read & store files on > the samba server. > > Rowland > > They just need to read & store files on the samba server.Regards, Roger> > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >