Oh, I am already joined to domain. No big deal on hiding the shares, I was just curious.
For the "sharectl ....domain=" part I was just looking for a way for my windows workgroup users to not have to enter domain\useranme when mapping a drive or connecting via UNC. Here is the doc that mentioned this http://docs.sun.com/app/docs/doc/819-2251/nsmbrc-4?a=view ________________________________________ From: afshin.ardak...@sun.com [afshin.ardak...@sun.com] Sent: Wednesday, March 10, 2010 1:40 PM To: Ryland DuFour Cc: Alan M Wright; cifs-discuss@opensolaris.org Subject: Re: [cifs-discuss] CIFS AD and UNC the domain option should be too old because I don't even remember having this option :) In order to get authenticated in a domain, CIFS server should be a member of that domain using "smbadm join". Some Kerberos and DNS configuration is needed before you can join a domain so take a look at the following section in the CIFS administration guide: http://docs.sun.com/app/docs/doc/820-2429/configuredomainmodetask?a=view [link to the PDF version: http://dlc.sun.com/pdf/820-2429/820-2429.pdf] There is no way to hide shares, although I don't understand why you wouldn't want to see them?! The whole purpose of typing \\computername is to get a list of exported shares on that system!! Afshin Ryland DuFour wrote: > Excellent! Upgraded to build 133 yesterday. I had wanted to do that anyway > so thanks for the push. > > Your suggestion worked perfectly. I started digging into "sharectl" a bit > more and saw what looks like older documents that said using: > > #sharectl set -p domain=DOMAIN.COM smb > > would force any authentication to that domain. I don't see that as an option > in build 133. How would I do this now? Also, any way to hide the shares > once they are created so when I go to \\computername and authenticate I don't > see the shares? > > Thanks, you have been a big help. > ________________________________________ > From: alan.m.wri...@sun.com [alan.m.wri...@sun.com] On Behalf Of Alan M > Wright [...@sun.com] > Sent: Tuesday, March 09, 2010 2:30 AM > To: Ryland DuFour > Cc: cifs-discuss@opensolaris.org > Subject: Re: [cifs-discuss] CIFS AD and UNC > > On 03/08/10 19:22, Ryland DuFour wrote: > > I have opensolaris 2009.06 joined to AD. > > I recommend that you upgrade. 2009.06 was not a good > vintage for SMB. > > # pfexec pkg set-publisher -O http://pkg.opensolaris.org/dev opensolaris.org > # pfexec pkg image-update > > > ... I have to supply credentials to map the drives. > > What I can't figure out, is why when I use a UNC path to > > my server \\servername, any user from any workgroup or other > > domain in my network can see all of the shares on the solaris > > server. I would think that just trying to get to the root at > > \\servername would still prompt for credentials. > > Thanks for the help > > By default, any user can get a list of shares over SMB; > no authentication is required. > > To change that: restrict anonymous access, create a local > account called guest and set a password. > > # sharectl set -p restrict_anonymous=true smb > # useradd guest > # passwd guest > New Password: ... > Re-enter new Password: ... > passwd: password successfully changed for guest > > Alan > _______________________________________________ > cifs-discuss mailing list > cifs-discuss@opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
_______________________________________________ cifs-discuss mailing list cifs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
