On Tuesday 04 April 2006 14:15, Craig White wrote: > for the record, defaults are what you get when you don't specify > anything... > > from smb.conf > Default: workgroup = WORKGROUP and as in windows, it is always better to not use the default. > The default is security = user > > also, please note that the option is > security = share > not shares > I missed that. > security = share means that there are no users, no home directories and > login is a password with access/file permissions as the user specified > by smb.conf and thus a user name logging in is pointless when using > 'security = share' > I think we can take it that John Terpstra knows what he is talking about. From "Samba-2 by Example': "This installation demands simplicity. Frequent turn-over of volunteer staff would indicate that a network environment that requires users to logon might be problematic. It is suggested that the best solution for this office would be one where the user can log onto any PC with any username and password..... This oranisation is a prime candidate for Share Mode security." He goes on to say that ownership of files created can be forced. Note that he is saying that they would not need a password to access the shares. > The information is available in the man pages for smb.conf should either > the OP or the other people trying to help actually want to solve the > problem. > Very little information of this kind is available in the man pages. There is a lot of information in the original samba.conf file, but if you use swat or webmin to edit the file it will be overwritten and you will never see the useful stuff. I always rename a copy for safe-keeping before editing. If anyone needs a copy of the original I'm happy to supply one. > I don't know what the OP is actually trying to accomplish. Is it the > ability to access without passwords? security = share would probably be > ok but he should set a user and (map to guest = that user) and permit > guest (guest ok = yes) on each share. Again, I disagree, based on the authority of JT. > The section within the man page of > smb.conf 'security = share' completely describes this. There is no such section in the man page, so I presume you are referring to another document. It would be helpful to know which one. > Again note, > things like logon/home/profile shares are meaningless to a context of > 'security = share' > > SELinux issues can be a problem with samba - check /var/log/messages > Antonio specifically said that SELinux is disabled. Anne
Attachment:
pgpRroYmNgiBk.pgp
Description: PGP signature