I see. As the document suggests this is for configuring CIFS client
not CIFS server:
nsmbrc– configuration file for Solaris CIFS client requests
Afshin
Ryland DuFour wrote:
Oh, I am already joined to domain. No big deal on hiding the shares, I
was just curious.
For the "sharectl ....domain=" part I was just looking for a way for my
windows workgroup users to not have to enter domain\useranme when
mapping a drive or connecting via UNC. Here is the doc that mentioned
this
http://docs.sun.com/app/docs/doc/819-2251/nsmbrc-4?a=view
________________________________________
From: afshin.ardak...@sun.com [afshin.ardak...@sun.com]
Sent: Wednesday, March 10, 2010 1:40 PM
To: Ryland DuFour
Cc: Alan M Wright; cifs-discuss@opensolaris.org
Subject: Re: [cifs-discuss] CIFS AD and UNC
the domain option should be too old because I don't even remember
having this option :)
In order to get authenticated in a domain, CIFS server should be
a member of that domain using "smbadm join". Some Kerberos and DNS
configuration is needed before you can join a domain so take a look
at the following section in the CIFS administration guide:
http://docs.sun.com/app/docs/doc/820-2429/configuredomainmodetask?a=view
[link to the PDF version: http://dlc.sun.com/pdf/820-2429/820-2429.pdf]
There is no way to hide shares, although I don't understand why you
wouldn't want to see them?! The whole purpose of typing \\computername
is to get a list of exported shares on that system!!
Afshin
Ryland DuFour wrote:
> Excellent! Upgraded to build 133 yesterday. I had wanted to do that
anyway so thanks for the push.
>
> Your suggestion worked perfectly. I started digging into "sharectl"
a bit more and saw what looks like older documents that said using:
>
> #sharectl set -p domain=DOMAIN.COM smb
>
> would force any authentication to that domain. I don't see that as
an option in build 133. How would I do this now? Also, any way to hide
the shares once they are created so when I go to \\computername and
authenticate I don't see the shares?
>
> Thanks, you have been a big help.
> ________________________________________
> From: alan.m.wri...@sun.com [alan.m.wri...@sun.com] On Behalf Of Alan
M Wright [...@sun.com]
> Sent: Tuesday, March 09, 2010 2:30 AM
> To: Ryland DuFour
> Cc: cifs-discuss@opensolaris.org
> Subject: Re: [cifs-discuss] CIFS AD and UNC
>
> On 03/08/10 19:22, Ryland DuFour wrote:
> > I have opensolaris 2009.06 joined to AD.
>
> I recommend that you upgrade. 2009.06 was not a good
> vintage for SMB.
>
> # pfexec pkg set-publisher -O http://pkg.opensolaris.org/dev
opensolaris.org
> # pfexec pkg image-update
>
> > ... I have to supply credentials to map the drives.
> > What I can't figure out, is why when I use a UNC path to
> > my server \\servername, any user from any workgroup or other
> > domain in my network can see all of the shares on the solaris
> > server. I would think that just trying to get to the root at
> > \\servername would still prompt for credentials.
> > Thanks for the help
>
> By default, any user can get a list of shares over SMB;
> no authentication is required.
>
> To change that: restrict anonymous access, create a local
> account called guest and set a password.
>
> # sharectl set -p restrict_anonymous=true smb
> # useradd guest
> # passwd guest
> New Password: ...
> Re-enter new Password: ...
> passwd: password successfully changed for guest
>
> Alan
> _______________________________________________
> cifs-discuss mailing list
> cifs-discuss@opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
_______________________________________________
cifs-discuss mailing list
cifs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
