> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > cn--- via samba > Verzonden: dinsdag 26 oktober 2021 13:23 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] domain-free multi-user use cases > > Am 26.10.21 um 13:00 schrieb Eric Levy via samba: > > > Such observations may be, I hope, useful toward putting > aside orthodox > > perception, and framing the matter through broader clarity, > I hope to > > show that a wish to create a multiuser mount without a domain > > controller is in principle rather sensible, and not, in the most > > general case, diminished by many of the common objections. > > As I mentioned earlier most people in your situation and > setup would opt > for NFS with its limitations. Also as I said pam_mount would > in the end > result do what you want. So I think it very unlikely that > this would be > implemented in Samba. > > > > > > To close on a more concrete remark, NFS currently has > limitations, as > > stated previously, of its own, including the insistence on matching > > numeric user identifiers, and lack of support for password > > authentication. Features useful for Samba might be considered > > separately from those available in NFS. > > Most people would use NFS in similar situations. They would > restrict the NFS to be only mounted (or even only accessible) by clients > that honour the requirement for Password auth. NFS can also support ACLsto make> this more fine grained. > > > I don't speak for the samba team. I just think your use case > is just to small to really relevant. > > Or do others think different here?Im still trying to understand what he exactly is saying. :-/ but thats me mostly. But if i only take these 2 alinea's> > To close on a more concrete remark, NFS currently has > limitations, as > > stated previously, of its own, including the insistence on matching > > numeric user identifiers, and lack of support for password > > authentication. Features useful for Samba might be considered > > separately from those available in NFS.Insistence on matching numeric user identifiers, great, its security. Lack of support for password, where, use kerberized NFS then. Samba might be considered separately from those available in NFS. VFS modules in samba will help here. I think above this is more a matter of.. Are we talking about "home" use or Bussiness use. For home use, yes, i can understand his point. For bussiness use, no, i dont get his point. Thats what i think but i might not gotten the big picture yet here. Greetz, Louis
Am 26.10.21 um 14:28 schrieb L. van Belle via samba:> > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> cn--- via samba >> Verzonden: dinsdag 26 oktober 2021 13:23 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] domain-free multi-user use cases >> >> Am 26.10.21 um 13:00 schrieb Eric Levy via samba: >> >>> Such observations may be, I hope, useful toward putting >> aside orthodox >>> perception, and framing the matter through broader clarity, >> I hope to >>> show that a wish to create a multiuser mount without a domain >>> controller is in principle rather sensible, and not, in the most >>> general case, diminished by many of the common objections. >> >> As I mentioned earlier most people in your situation and >> setup would opt >> for NFS with its limitations. Also as I said pam_mount would >> in the end >> result do what you want. So I think it very unlikely that >> this would be >> implemented in Samba. >> >> >>> >>> To close on a more concrete remark, NFS currently has >> limitations, as >>> stated previously, of its own, including the insistence on matching >>> numeric user identifiers, and lack of support for password >>> authentication. Features useful for Samba might be considered >>> separately from those available in NFS. >> >> Most people would use NFS in similar situations. They would >> restrict the NFS to be only mounted (or even only accessible) by clients >> that honour the requirement for Password auth. NFS can also support ACLs > to make >> this more fine grained. >> >> >> I don't speak for the samba team. I just think your use case >> is just to small to really relevant. >> >> Or do others think different here? > > Im still trying to understand what he exactly is saying. > :-/ but thats me mostly. > > But if i only take these 2 alinea's > >>> To close on a more concrete remark, NFS currently has >> limitations, as >>> stated previously, of its own, including the insistence on matching >>> numeric user identifiers, and lack of support for password >>> authentication. Features useful for Samba might be considered >>> separately from those available in NFS. > > > Insistence on matching numeric user identifiers, great, its security. > Lack of support for password, where, use kerberized NFS then. > > Samba might be considered separately from those available in NFS. > VFS modules in samba will help here. > > I think above this is more a matter of.. > > Are we talking about "home" use or Bussiness use. > For home use, yes, i can understand his point. > For bussiness use, no, i dont get his point. > > > Thats what i think but i might not gotten the big picture yet here.This was the OP first post: https://www.spinics.net/lists/samba/msg170503.html It might help to understand. Regards -- Dr. Christian Naumer Vice President Unit Head Bioprocess Development BRAIN Biotech AG Darmstaedter Str. 34-36, D-64673 Zwingenberg e-mail cn at brain-biotech.com, homepage www.brain-biotech.com phone +49-6251-9331-30 / fax +49-6251-9331-11 Sitz der Gesellschaft: Zwingenberg/Bergstrasse Registergericht AG Darmstadt, HRB 24758 Vorstand: Adriaan Moelker (Vorstandsvorsitzender), Lukas Linnig Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
> > > > Thats what i think but i might not gotten the big picture yet here. > > This was the OP first post: > > https://www.spinics.net/lists/samba/msg170503.html > > It might help to understand. >Ah,, thats all.. So> I have a Linux server, and a NAS device from Synology. Both systems > have matching sets of user names.You must have matching usernames AND passwords AND UID/GIDS on both devices at least.. And LDAP/AD-DC helps here on that part.>From the server, I create a mount through the following command:$ sudo mount.cifs //diskstation/usr /mnt -ouser=master,multiuser,setuids,idsfromsid I'll assume .. Mounting /usr ? /mnt This is the user home //diskstation/usr ( and better use //FQ.DN.diskstation/usr ) /mnt/folder, better dont mess with the first folders /mnt always create a new folder there and use that one.> How may I achieve the desired mapping of ownership and permissions, > based on user name?I personaly dont use mount.cifs. So i cant tell much on that but i have seen very nice example here on the samba list. My large mail text crashed and .. Didnt save it .. Sight.. But maybe soon i'll be using.. https://www.windowsfx.org/ :-) the time to leave windows desktops getting closer.. Collega already installed and testing it. (its ubuntu + kde as base) Greetz, Louis