HPE Community
Operating System - HP-UX
1825775 Members
2433 Online
109687 Solutions
New Discussion

Re: Samba share securities problem

 
bill_allen
Frequent Advisor

‎11-09-2007 10:39 AM

‎11-09-2007 10:39 AM

Samba share securities problem

I am trying to achieve on one Samba server [unix2] with one set of global securities
what I can do on another Samba server [unix1] without changing the global security
settings. The setting below on unix1 for share fasview_pdf work just fine in our
production environment. The share is accessable by the business system and no username or password is required. When I try the same share setup on server unix2 the global securities force a user to enter a username and password which will not work with our business system code. The catch is that I really need to move this share off
of unix1 do to it being decommissioned and have unix2 share this out instead.
Unfortunately, I cannot change the global security settings on unix2 for other reasons.
I would like to to find out if it is possible to configure the fasview_pdf share on unix2
to behave like it does now on unix1 with some sort of overridding statements in the share
itself that would override the global settings just for that share. Is this possible? Below are my global settings and the needed share from smb.conf on both servers.




[smb.conf from server unix1]
==============================
[global]
netbios name = unix1
workgroup = foobar
server string =
log file = /var/opt/samba/log.%m
max log size = 1000
security = share
password server =
encrypt passwords = no
socket options = TCP_NODELAY
local master = no
case sensitive = yes
preserve case = yes
short preserve case = no
dos filetime resolution = yes
read only = no
syslog = 0

#============================ Share Definitions ==============================
[fasview_pdf]
comment =
path = /san/httpd/htdocs/ipd/foobar_released_ps
public = yes
writable = no
printable = no




[smb.conf from server unix2]
==============================

[global]
workgroup = FOOBAR
realm = NET.FOOBAR.COM
server string =
security = ADS
map to guest = Bad User
password server = ssomething.net.foobar.com, *
username map = /usr/local/etc/username.map
log level = 0
syslog = 0
log file = /var/opt/samba/log.%m
max log size = 10
wins server = 192.168.0.1
read only = No
dos filetime resolution = Yes
keepalive = 0

#============================ Share Definitions ==============================

[fasview_pdf]
comment =
path = /san/httpd/htdocs/ipd/foobar_released_ps
public = yes
writable = no
printable = no
0 Kudos
3 REPLIES 3
Norman Dignard
Regular Advisor

‎11-13-2007 12:31 AM

‎11-13-2007 12:31 AM

Re: Samba share securities problem

The global setup on both systems is not the same. On unix1 security = share on unix2 you define security=ADS

On ux1 authentication is restricted to local user accounts on ux1. On Ux2 authentication occurs between yoyr Winodws domain and local user accounts.

Did ux2 join the windows domain ?
0 Kudos
Dino_4
Frequent Advisor

‎11-13-2007 12:45 AM

‎11-13-2007 12:45 AM

Re: Samba share securities problem


Hi,

add this:

[fasview_pdf]
guest account = nobody (or else)
guest = ok

Never tried it myself, but might work.
0 Kudos
bill_allen
Frequent Advisor

‎11-26-2007 08:40 AM

‎11-26-2007 08:40 AM

Re: Samba share securities problem

Working on this problem has been postponed until another time. Thanks to all who commented.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.