- Joined
- Oct 15, 2001
- Location
- Tennessee
Samba question (authentication without domain)
I need some help with Samba. I've used it, before, but usually in a domain environment or in an anonymous environment. I'm having trouble getting it to work for a slightly different scenario. I'll go over the network scenario first, then ask the question.
The scenario is this: I have a CAD Lab with 16 computers. I need a central file server repository to serve two purposes. First, I need a publicly available share that anyone can read and write from, with no username or password required. Secondly, on the same file server, I need to have secure home directories for each of the users. The Lab contains 16 computers, but has approximately 100 users. These users need to have a place to put their files, where other users can't access them. This is, unfortunately, necessary because of rampant plagairism. Users will be using different computers, from time to time. All of the computers are identically configured with Windows XP Professional. Roaming profiles and such aren't needed. I think a domain structure would be overkill to administer. I just want to add new accounts a few times a year and have to change passwords from time to time. I'm running ClarkConnect, which is based on FC2. I have Samba 3.X installed. I have chosen this distro because I've used it a LOT and it has an easy web GUI for administration, so I can train others (trusted staff) to go in and add users, change passwords, etc. This machine is also used as a printserver and has a nice CUPS web gui.
The problem is this: Right now, I have the network security mode set to "Share". When I try to click on the public share, that works fine. When I click on user's home folders, I want it to prompt me for a username and password. By default, however, Windows uses the guest account and then it asks me for a password. This, of course, doesn't work. I need to know what part of the Samba configuration that I need to change to accomplish my goal. I don't mind doing some reading on my own, but right now, I don't even know where to start. Of course, I wouldn't mind any smb.conf examples, either
I've picked through the Samba documentation, but I haven't found the issue that I'm looking for.
Thanks, in advance, for your help. This forum is the best.
*EDIT*
I thought I would post my current smb.conf:
#======================= Global Settings =====================================
[global]
os level = 80
local master = auto
domain master = auto
netbios name = CAD_Fileserver
workgroup = CAD
server string = CAD Fileserver
bind interfaces only = yes
interfaces = eth0
use client driver = yes
printcap name = /etc/printcap
load printers = yes
max log size = 50
security = share
guest ok = no
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
utmp = yes
# For low-risk security reasons on Win2000/WinXP networks (no Win98)
# restrict anonymous = 2
# WINS / VPN
# ----------
preferred master = auto
wins support = no
wins server =
# Other handy directives
# ----------------------
# domain master = yes
# local master = yes
# os level = 65
# remote announce =
# remote browse sync =
#============================ Share Definitions ==============================
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
[printers]
printing = cups
print command = lpr -r -P%p -o raw %s
printer admin = guest
browseable = yes
printable = yes
public = yes
guest ok = yes
[homes]
read only = no
browseable = yes
[shared]
comment = Public Shared Folder
path = /home/shared
browseable = yes
guest only = yes
writable = yes
public = yes
I need some help with Samba. I've used it, before, but usually in a domain environment or in an anonymous environment. I'm having trouble getting it to work for a slightly different scenario. I'll go over the network scenario first, then ask the question.
The scenario is this: I have a CAD Lab with 16 computers. I need a central file server repository to serve two purposes. First, I need a publicly available share that anyone can read and write from, with no username or password required. Secondly, on the same file server, I need to have secure home directories for each of the users. The Lab contains 16 computers, but has approximately 100 users. These users need to have a place to put their files, where other users can't access them. This is, unfortunately, necessary because of rampant plagairism. Users will be using different computers, from time to time. All of the computers are identically configured with Windows XP Professional. Roaming profiles and such aren't needed. I think a domain structure would be overkill to administer. I just want to add new accounts a few times a year and have to change passwords from time to time. I'm running ClarkConnect, which is based on FC2. I have Samba 3.X installed. I have chosen this distro because I've used it a LOT and it has an easy web GUI for administration, so I can train others (trusted staff) to go in and add users, change passwords, etc. This machine is also used as a printserver and has a nice CUPS web gui.
The problem is this: Right now, I have the network security mode set to "Share". When I try to click on the public share, that works fine. When I click on user's home folders, I want it to prompt me for a username and password. By default, however, Windows uses the guest account and then it asks me for a password. This, of course, doesn't work. I need to know what part of the Samba configuration that I need to change to accomplish my goal. I don't mind doing some reading on my own, but right now, I don't even know where to start. Of course, I wouldn't mind any smb.conf examples, either
I've picked through the Samba documentation, but I haven't found the issue that I'm looking for.Thanks, in advance, for your help. This forum is the best.
*EDIT*
I thought I would post my current smb.conf:
#======================= Global Settings =====================================
[global]
os level = 80
local master = auto
domain master = auto
netbios name = CAD_Fileserver
workgroup = CAD
server string = CAD Fileserver
bind interfaces only = yes
interfaces = eth0
use client driver = yes
printcap name = /etc/printcap
load printers = yes
max log size = 50
security = share
guest ok = no
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
utmp = yes
# For low-risk security reasons on Win2000/WinXP networks (no Win98)
# restrict anonymous = 2
# WINS / VPN
# ----------
preferred master = auto
wins support = no
wins server =
# Other handy directives
# ----------------------
# domain master = yes
# local master = yes
# os level = 65
# remote announce =
# remote browse sync =
#============================ Share Definitions ==============================
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
[printers]
printing = cups
print command = lpr -r -P%p -o raw %s
printer admin = guest
browseable = yes
printable = yes
public = yes
guest ok = yes
[homes]
read only = no
browseable = yes
[shared]
comment = Public Shared Folder
path = /home/shared
browseable = yes
guest only = yes
writable = yes
public = yes
Last edited:
