On Fri, 2022-09-16 at 10:02 +0000, Paul Ward wrote: > But we are already using 'hosts deny', 'hosts allow' and 'valid > users' which appear to have been implemented. > Is there a document showing what is implemented, rather than just > supported.
Samba has a vast list of config options, that can be seen in the smb.conf manpage (man smb.conf). Testing all possible combinations for Scale is not feasible, and some features also do not interact well with the clustered SMB server usecase on the CES nodes. So for Scale the answer is: Only the SMB options exposed through mmsmb and the GUI are tested and supported. You can try others, but do not expect support. The official way to get more options supported (through mmsmb) is to request this through an RFE. > If there are supported commands, that replace the three I have > mentioned (and force user/ force group) please let me know. "force user" and "force group" have been added in 5.1.3: https://www.ibm.com/docs/en/spectrum-scale/5.1.3?topic=reference-mmsmb-command https://www.ibm.com/docs/en/spectrum-scale/5.1.3?topic=summary-changes > We have shares where we want to restrict access to one of more > servers, no password required. > And shares where we want to restrict access to multiple AD users, > currently not specified in AD groups, although that is an option. Restricting access to a SMB share can be done with SMB share ACLs. That is essentially a second layer of ACLs, specific to SMB: https://www.ibm.com/docs/en/spectrum-scale/5.1.3?topic=shares-creating-smb-share-acls Regards, Christof _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at gpfsug.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss_gpfsug.org
