I tried adding "guest ok = no" in the [homes] section below and got the same
results.
On first access from a WinXP Client, the system requests a userid and
password. If you provide a userid and password, the system will Not allow
you to view the shares. The only way (that I've found) to get passed this
is to provide the userid Only -- this allows access to a window that
contains the shares. Clicking on one of the share icons provides access to
the shares without ever entering a password. This is the security issue we
need help fixing.
I'm looking forward to some feedback on this. Thanks! Greg
-----Original Message-----
Hi There,
I created a standalone server on CentOS 5.1 with samba at 25b on an x86_64
system. The shares defined below are available to the windows xp clients on
the 10.43.10.x/24 subnet. Samba also provides win server support to this
subnet.
We are having problems with password protection associated with the shares.
The first access to the samba server requests a userid -- this likely allows
samba to understand which home share should be displayed. At this point,
the client can access both the 'homes' share and the 'orr' share without
ever entering a password -- this is a security issue for us.
We need to figure out how to configure samba to enforce userid & password
protection prior to allowing access to a share. Below is a copy of the
smb.conf file that we are using for testing.
[global]
# workgroup and server identification
workgroup = ORRRANCH
server string =
netbios name = ORR00
interfaces = 10.43.10.0/24 lo
bind interfaces only = yes
hosts allow = 10.43.10. 127.0.0.
# logs split per machine; max 50KB per log file, then rotate
log file = /var/log/samba/%m.log
max log size = 50
# default user security, encrypted passwords and tdbsam
security = user
encrypt passwords = yes
passdb backend = tdbsam
# allow samba to be the domain master browser if possible
local master = yes
os level = 33
preferred master = yes
domain master = yes
# samba is a wins server for the system; use wins first
wins support =yes
name resolve order = wins hosts bcast
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
path = /samba/home/%S
[orr]
comment = Orr Ranch Share
path = /samba/orr
valid users = greg catherine sarah brandon
guest ok = no
writable = yes
printable = no
create mask = 0765
Each of the 'valid users' have ids on the system and have used smbpasswd to
create samba passwords. Nsswitch.conf has been modified to add 'wins' to the
'hosts' line to assist with names resolution.
Any assistance would be appreciated!! Thanks, Greg
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
