HPE Community
Operating System - Linux
1819872 Members
2737 Online
109607 Solutions
New Discussion юеВ

Re: samba smb.conf issues....peer review needed

 
SOLVED
Go to solution
Oskar Teran
Frequent Advisor

тАО11-11-2004 04:51 PM

тАО11-11-2004 04:51 PM

samba smb.conf issues....peer review needed

hello,
I setup a Suse Standard server 8 as a domain controller on a network with win2k/win98 workstations. It was working fine for a few weeks and then samba started giving problems.
The problem is that this site has a business application that uses a flat-file database. This database has to be shared on a network drive (was win2k server, now Samba 2.2.8). So, I had it shared and it did work. But then it started giving permissions problems (wouldn't let index utility run, users couldn't start application from desktops).

I finally made it run by setting up samba with the most basic configuration. (SEE attached smb.conf files).

I'd like to return the server to work as a domain controller, but just give the 'sales' samba share minimal permissions (aka win98 style, anyone can do anything).
But regarding the other samba shares, I want to have some security over them so I can control who sees them. There's one share with accounting info. that's very sensitive so I can't have that share setup the same way as the 'sales' share.

Thanks,

Oskar
0 Kudos
Reply
7 REPLIES 7
gibsonsamuel
New Member

тАО11-12-2004 08:19 AM

тАО11-12-2004 08:19 AM

Re: samba smb.conf issues....peer review needed

Hi,

You could try using SFU 3.5 (Services for Unix) software of Microsoft to meet your requirement. You can download it free of cost from the following link.
http://www.microsoft.com/windows/sfu/default.asp
0 Kudos
Reply
Oskar Teran
Frequent Advisor

тАО11-12-2004 03:45 PM

тАО11-12-2004 03:45 PM

Re: samba smb.conf issues....peer review needed

I was hoping for some advice on the smb.conf configuration.
I fail to see how the microsoft product helps me.
I want to stick with the topic - the configuration of the smb.conf file.


Thanks,

Oskar
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО11-13-2004 11:05 AM

тАО11-13-2004 11:05 AM

Solution

Re: samba smb.conf issues....peer review needed

Sorry it took so long to get to this.

I have reviewed your smb.conf file and think everything is all fine with it.

This is most likely a permissions strategy issue.

If I ever do a samba/ldap authentication implementation, I'd probably use your file.

I would recommend you create a new unix/linux group for this application. If the ldap server is a microsoft pdc, add the same group to that controller.

Make all users in the ldap group have their primary(perferable) or at least secondary group be this new database group.

This means a new group and the sales and accounting id's all have to be in it. This still limits permissions pretty tightly.

Make sure the folder containing the application data and any temp/sort data is owned by a database user who is also in this new group.

Permissions in Linux/Unix should allow owner and group rw.

Run that check and try again and report results. I know its a little complex, but the samba config looks good.

If there is anything in the samba logs you think we'd find helpful, please post.

SEP
cheif linux congratulator
owner of a flu bug (get the blank out!)
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Steven E. Protter
Exalted Contributor

тАО11-13-2004 11:36 AM

тАО11-13-2004 11:36 AM

Re: samba smb.conf issues....peer review needed

May be simpler.

A further review of the smb.conf file because of the way opera browser opens files tells my you may need to set the umask on new files to be compatible between the two groups, sales and accounting.

I noticed those settings are not set in smb.conf.

These additional instructions may work alone or in addition to my earlier post.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Oskar Teran
Frequent Advisor

тАО11-15-2004 02:31 AM

тАО11-15-2004 02:31 AM

Re: samba smb.conf issues....peer review needed

here's a modified version of the smb.conf file.
I was trying to make the 'sales' share as unrestricted as possible while maintaining good security/restrictions for the rest of the shares.

What do you think?

0 Kudos
Reply
Oskar Teran
Frequent Advisor

тАО11-15-2004 02:36 AM

тАО11-15-2004 02:36 AM

Re: samba smb.conf issues....peer review needed

this is the log from when I setup samba with the 'basic' smb.conf settings.
The application worked perfectly, as the log shows.
But, it's too basic.....my goal is to have only the 'sales' folder working like this, while the rest of the config uses the original smb.conf settings

ps. I had to make a .zip file out of it
0 Kudos
Reply
Oskar Teran
Frequent Advisor

тАО11-15-2004 02:37 AM

тАО11-15-2004 02:37 AM

Re: samba smb.conf issues....peer review needed

this is the log with the original or 'advanced' smb.conf settings.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.