• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

adding users & passwords for samba file server

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

bdf24

Senior Member
Joined
Feb 15, 2001
Location
Harford, WI.
I've got a samba file server up to host files for my network. I've got basically two directories in it. One for sharing with the whole network and one to store private files on.

What I would like to do is have the directory for private files be invissible so you have to manually type the path in. And then have to enter a user id and password to gain access. Is this possibe and how do I do it?

I want to keep the other directory totolly open to all network PC's though at the same time.

right now by setting "browsable" to no I can make it invisible. But how do I set it up to ask for a user ID and password when I try to access it? And how do I create the user and password in samba config?

I've searched and searched and could find stuff. But I'm having a little bit of a hard time understanding a lot of it. I'm still pretty new to all this.
If you need me to post a copy of my smb.conf so you can better help me out or point me in the right direction let me know.

Thanks guys
 
Here's a bit from the samba doucmentation that might help you:
NOTE ABOUT USERNAME/PASSWORD VALIDATION

There are a number of ways in which a user can connect to a service. The server uses the following steps in determining if it will allow a connection to a specified service. If all the steps fail, then the connection request is rejected. However, if one of the steps succeeds, then the following steps are not checked.

If the service is marked "guest only = yes" and the server is running with share-level security ("security = share") then steps 1 to 5 are skipped.

1.

If the client has passed a username/password pair and that username/password pair is validated by the UNIX system's password programs then the connection is made as that username. Note that this includes the \\server\service%username method of passing a username.
2.

If the client has previously registered a username with the system and now supplies a correct password for that username then the connection is allowed.
3.

The client's NetBIOS name and any previously used user names are checked against the supplied password, if they match then the connection is allowed as the corresponding user.
4.

If the client has previously validated a username/password pair with the server and the client has passed the validation token then that username is used.
5.

If a "user = " field is given in the smb.conf file for the service and the client has supplied a password, and that password matches (according to the UNIX system's password checking) with one of the usernames from the "user =" field then the connection is made as the username in the "user =" line. If one of the username in the "user =" list begins with a '@' then that name expands to a list of names in the group of the same name.
6.

If the service is a guest service then a connection is made as the username given in the "guest account =" for the service, irrespective of the supplied password.

I suggest you create a new user account on the server, and set its samba password (using smbpasswd). The user/pass pair must match that which you want to the client to prompt for when connecting.

Then, in your smb.conf, using the user and browsable directives to make the share invisible and only accessible by that user. In other words:
browsable = no
user = your_user_here

Good luck :)
 
I gotta tell you. This is all so confusing to me:eek: I'm having such a hard time understanding and using the command line to do everything. I can do some but I'm limited.
I don't understand how to create the password and user ID's on the linux box. So that it will pop up and ask when I try to access that directory. I know there's a passwd directory and file but I don't understand what I'm supposed to type in there or create.

I was able to create another account on the linux box thru the webconfig. So I then created the same account on my XP box with the same user name and password on the linux box. I'm able to view the Private directory from that account and not the main on on the XP box. Which will work for now.

But I'd actually prefer something a little more discrete. So the average person would'nt even know the account exists unless they actually go looking for it maybe.
 
The useradd command can be used to add an user to the system. To get specific info on its use, you can check its manual page, which is done by typing the following (press q to quit):
man useradd

To set a Samba password, you need to use the smbpasswd program. It also has a man page, so you can read it in the same manner as useradd.

I'm not an expert on XP, but I beleive that if you create an account with a different username and password as the main one on your XP box, set the share to unbrowsable, and use the user = directive on in the share definition in your smb.conf, that might do what you're looking for. The share would be invisible, and you'd have to type in its name to be able to access it. Everytime you attempt to access it, you'd have to enter a username and password (the one's you set on the server). At least that's how I think XP would handle a share set up like that, but I'm no Windows expert.

I hope that was clear. If you want me to further explain anything, feel free to ask :)
 
I'll have to read up on the smbpasswd program to get what I want I think. I've created another user already. But this way I have to have another XP account on my machine. Then I cannot view the contents of the private folder unless I'm logged in the the private account in XP. And that's set up with a password so it's secure for now and works.

I'll do some more reading on it to see if I'm even able to do what I really want done.
Thanks for the tips on how to get the manuals.

I'll let you know what I come up with.
 
Back