Find the answer to your Linux question:
Results 1 to 4 of 4
I'M reading "Linux + Guide to Linux Certification" and I've come to samba and I'M having trouble understanding a few things. The book says I need to add a username ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Dec 2010
    Posts
    122

    understanding samba


    I'M reading "Linux + Guide to Linux Certification" and I've come to samba and I'M having trouble understanding a few things. The book says I need to add a username and password on the Linux system that corresponds to the username and password on the Windows clients? And then another samba password that's the same as the Windows password. This raises a few questions with me. If a lot of the servers out there are Linux servers I doubt they all have a username and password for the millions of clients they get per day/month. I'M setting all this up in part just to learn Linux, networking, and servers and I may use it as a local media server for my house. So how would a devices like my D-Link media streamer or my WD TV Live Plus take advantage of such a server being that they don't have usernames or passwords? Also, Linux wants usernames to start with a lowercase letter and all my Windows usernames start with a capital, how's all this to work out? Thanks.

  2. #2
    Linux Newbie arespi's Avatar
    Join Date
    May 2011
    Location
    Monterrey , Mexico
    Posts
    147
    Hi

    I am not an expert on SAMBA , but i have played with it some times. Remember SAMBA is basically about shared folders and their access permissions. Authentication can be setup in many different ways with different behaviors each one of them. You can set it to depend on a DOMAIN, in this case, you need a Wndows domain controller (which also can be a samba server). In this case you create an user in linux the same as in windows and the password is matched against the data in the windows domain controller.

    If you set it up as SERVER or USER, you set up the shared folders access permissions over the linux usernames, each one of them it their own password, if a Windows user need to access those shared folder , it will need to supply a valid username and password , and to make the things easier is best to use the same user names and passwords for linux and windows or the user will have to type the linux username and password each time he access the shared folders.

    About what you say about the linux servers and the millions of users, well, yes, but I doubt most of them use SAMBA, and if they do, there are tools to replicate the data from the windows active directory users to the linux servers.

    Also you can have shared folders open for all, not very secure at all , but useful for the kind of devices you mention. About the linux user names rules I think they can be customized , look for PAM rules.

    what I just posted may be somewhat outdated and I hope not too inaccurate.

    Good luck

  3. #3
    Just Joined!
    Join Date
    Aug 2007
    Location
    Fairfax, VA
    Posts
    22
    This is a very loaded question, because they're many ways to skin a cat.

    So Samba has five major authentication methods;

    user = local database, using smbpasswd
    ads = windows domain
    domain = legacy windows domain
    kerberos = windows or ldap or kerberos (windows active directory uses kerberos by default)
    ldap = ldap directory

    So first thing, all of these methods is a user repository, you can create users in it and have samba 'authenticate' and use these databases to validate users. User is by far the easiest method if you are new, I can certainly write a book but many people before me have written howtos and docs so I will stop here. I hope this will give you a better understanding on what needs to be done.

    So in short.

    1. Match workgroup to windows domain or workgroup
    2. Based upon which user directory you use, match windows to users in samba (security = users is the easiest)

    I hope this helps.

  4. #4
    Linux Engineer rcgreen's Avatar
    Join Date
    May 2006
    Location
    the hills
    Posts
    1,134
    If you have the statement security = share in your configuration,
    anonymous Windows clients can access the shares. This is what I do,
    but would not be secure in a business environment.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •