I have never setup a Samba server, and the recent thread here prompted to get on this I need to migrate two XP machines from using iSCSI to Samba.
I thought the "+" preceding a username in the smb.conf file for a share definition told Samba to use the unix username? Unless I actually use swat to create and enable the user and take off the + it doesn't work.
Any ideas what swat does when you create a user through that interface?
Is there any way to simply force Samba to use locally created users in the share definition?
Thanks! jlc
On Thu, Oct 09, 2008, Joseph L. Casale wrote:
I have never setup a Samba server, and the recent thread here prompted to get on this I need to migrate two XP machines from using iSCSI to Samba.
I thought the "+" preceding a username in the smb.conf file for a share definition told Samba to use the unix username? Unless I actually use swat to create and enable the user and take off the + it doesn't work.
Why would you put user names in the smb.conf file?
Use encrypted passwords, then using the smbpasswd command to create entries in the smb.passwd file.
smbpasswd -a username
The -a option tells smbpasswd that the user is in the system /etc/passwd file. You will still need to type the password.
Bill
Joseph L. Casale wrote:
I have never setup a Samba server, and the recent thread here prompted to get on this I need to migrate two XP machines from using iSCSI to Samba.
I thought the "+" preceding a username in the smb.conf file for a share definition told Samba to use the unix username? Unless I actually use swat to create and enable the user and take off the + it doesn't work.
Any ideas what swat does when you create a user through that interface?
Is there any way to simply force Samba to use locally created users in the share definition?
I've always had to use
smbpasswd -a unixusername
then give them a password for smb use... the catch-22 is that SMB uses a completely different password hash algorithm than Unix/Linux /etc/passwd(shadow) passwords, so you can't use the one for the other.
Its much much easier if you use a central authentication database like LDAP (or if its already in use at the site, Active Directory).
I've always had to use
smbpasswd -a unixusername
then give them a password for smb use... the catch-22 is that SMB uses a completely different password hash algorithm than Unix/Linux /etc/passwd(shadow) passwords, so you can't use the one for the other.
Its much much easier if you use a central authentication database like LDAP (or if its already in use at the site, Active Directory).
Thanks guys, That's what I guess I didn't know. I was going to use AD integration but these PC's are dom members but they logon locally as they run some lame software won't run as a service and needs local admin to work, so I didn't want a domain username sitting accessible.
jlc
Joseph L. Casale wrote:
I've always had to use
smbpasswd -a unixusername
then give them a password for smb use... the catch-22 is that SMB uses a completely different password hash algorithm than Unix/Linux /etc/passwd(shadow) passwords, so you can't use the one for the other.
Its much much easier if you use a central authentication database like LDAP (or if its already in use at the site, Active Directory).
Thanks guys, That's what I guess I didn't know. I was going to use AD integration but these PC's are dom members but they logon locally as they run some lame software won't run as a service and needs local admin to work, so I didn't want a domain username sitting accessible.
you know individual Windows DOMAIN\usernames can be added to the local Administrators group on a workstation?
you know individual Windows DOMAIN\usernames can be added to the local Administrators group on a workstation?
yeah, but like I said, I didn't want a logged in user (can't even enable a locked screen saver) to be accessible by "someone". I could create perms denying this user explicitly etc but why? It's easier to make it a local user and not *ever* worry about managing it.
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Thu, October 9, 2008 4:18 pm, Joseph L. Casale wrote:
I have never setup a Samba server, and the recent thread here prompted to get on this I need to migrate two XP machines from using iSCSI to Samba.
I thought the "+" preceding a username in the smb.conf file for a share definition told Samba to use the unix username? Unless I actually use swat to create and enable the user and take off the + it doesn't work.
Any ideas what swat does when you create a user through that interface?
Is there any way to simply force Samba to use locally created users in the share definition?
Thanks! jlc
You use the + operator with authentication with winbind on a windows domain. If you would like to use samba without windows authentication then you can add the user accounts with useradd with the /sbin/nologin option and then add them to samba using the smbpasswd command. Hope this helps. Bo
-
Bill Campbell -
Bo Lynch -
John R Pierce -
Joseph L. Casale