On 18-May-09, at 11:48 PM, Michael Heydon wrote:
DNK wrote:
Why would this happen?
No idea...
Is there any disadvantage or security concern by using the "users =
@group" style?
Yes, the users option does something completely different to the
valid users option. While there may be some similarities in the end
result, they are not the same.
The most obvious issue is where two users happen to have the same
password, they will both authenticate as the first user in the list.
Can you paste your smb.conf?
*Michael Heydon - IT Administrator *
micha...@jaswin.com.au <mailto:micha...@jaswin.com.au>
Here it is.... pretty basic for the most part. I have clipped out all
my shares, but left in one example. In my below conf, the "main" share
originally had:
valid users = @main
But just to get it working for this AM, it now has:
users = @main
----- smb.conf -----
[global]
workgroup = DOMAIN
netbios name = Fileserver
server string = (%L)
wins support = Yes
name resolve order = wins bcast hosts
passdb backend = tdbsam
username map = /etc/samba/smbusers
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/groupmod -A %u %g
delete user from group script = /usr/sbin/groupmod -R %u %g
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/
nobody %u
# Note: The following specifies the default logon script.
# Per user logon scripts can be specified in the user account using
pdbedit
logon script = %U.bat
# This sets the default profile path. Set per user paths with pdbedit
logon path =
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
#mac hacks
follow symlinks = yes
unix extensions = no
veto files = /.DS_Store/._.*/DesktopFolderDB/Network Trash Folder/
resource.frk/TheFindByContentFolder/TheVolumeSettingsFolder/
delete veto files = true
hide dot files = yes
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /shares/netlogon
admin users = root
guest ok = Yes
browseable = No
[main]
comment = Share for the users in the baja group
path = /shares/main
users = @main
force group = main
create mask = 0660
directory mask = 0771
writeable = yes
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
