Re: [PLUG] Nautilus problem with Windows share.
I do not normally use this, but I maintain it for other users. Here is how this works on our systems: 1. Start the file browser (Nautilus) 2. Connect To Server (bottom left hand side (BLHS) of the window) 3. Server address: smb://yourSmbServerGoesHere --> Connect 4. You should see the shares exported by your SMB server 5. Double Click on the share you want to access - Dialog with user/domain/password pops out --> Connect That is how it works on my side. I personally do not like that I cannot access these shares in normal linux file system which creates bunch of usage problems. So, I usually mount it either using autofs or mount. Best luck, Tomas On Sat, 2017-06-17 at 01:43 -0700, Michael Christopher Robinson wrote: > I need to connect to a FreeNAS 11 exported Windows share as a > different user than my Linux user. My Linux user is Michael, > the share owner is Andy. Nautilus doesn't seem to allow > connecting to a cifs share as a different user than the login > user. Is there a simple workaround for this problem? Every > attempt to connect to a share by nautilus or even Windows 10 > for that matter should require a username, workgroup name, and > password. I want to explicitly force logging in to connect to > a share. I want to block anonymous and other users who don't > own a share from even seeing that share let alone copying the > contents. > > The FreeNAS documentation suggests that not checking browseable > offers very little security. If you aren't Andy, you shouldn't > be able to read let alone see Andy_Backup. Maybe implementing > that isn't possible. Someone else's backup is none of my > business where restoring it on my computer is potentially > illegal as well as a privacy issue. > > Note that I don't know what active directory is and I'm doing > NT4 on the FreeNAS 11 server. There isn't a domain controller > nor is the FreeNAS box a domain master. The passwords and > usernames are easily going to be different on the Windows or > Linux box than the FreeNAS 11 box. Nautilus is problematic > because it doesn't allow connecting to a share as someone > else or with a different password. > > I don't want a central authentication scheme for Windows where > failure of the authentication server translates to not being > able to use your own laptop or desktop machine. For this > reason and because of my limited knowledge, I'm leery of > implementing openldap or any other central authentication > scheme. > > If only someone would implement a Windows, Linux, and Mac > OS-X compatible alternative to CIFS that is secure. Seems > like Novell Netware was better back in the day, not sure > about now with Novell abandoning IPX/SPX in favor of > TCP/IP. > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Nautilus problem with Windows share.
On 06/17/2017 01:43 AM, Michael Christopher Robinson wrote: > I need to connect to a FreeNAS 11 exported Windows share as a > different user than my Linux user. My Linux user is Michael, > the share owner is Andy. Nautilus doesn't seem to allow > connecting to a cifs share as a different user than the login > user. Is there a simple workaround for this problem? Every > attempt to connect to a share by nautilus or even Windows 10 > for that matter should require a username, workgroup name, and > password. I want to explicitly force logging in to connect to > a share. I want to block anonymous and other users who don't > own a share from even seeing that share let alone copying the > contents. > ... > Did you peruse the SAMBA wiki user documentation? https://wiki.samba.org/index.php/Main_Page https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server When people set up a "black box" and talk cifs shares, they tend to forget that is done via the SAMBA software project on Linux/Unix. The "black box" configuration web GUI may miss a few features. It been a while since I've bothered, since I no longer have a mixed OS collection here - everything is Linux/Unix and thus I've switched to NFS. SAMBA allows fine grained user authentication via all the standard and non-standard MS Windows protocols. You can simple set up public and private shares via a variety of authentication schemes. Typically the SAMBA configuration file is in /etc/samba For example /etc/samba/smb.cnf could contain, along with appropreaite server parameters, something like: # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. [public] path = /usr/somewhere/else/public public = yes only guest = yes writable = yes printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. [myshare] comment = Mary's and Fred's stuff path = /usr/somewhere/shared valid users = mary fred public = no writable = yes printable = no create mask = 0765 = Have Fun. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] Nautilus problem with Windows share.
I need to connect to a FreeNAS 11 exported Windows share as a different user than my Linux user. My Linux user is Michael, the share owner is Andy. Nautilus doesn't seem to allow connecting to a cifs share as a different user than the login user. Is there a simple workaround for this problem? Every attempt to connect to a share by nautilus or even Windows 10 for that matter should require a username, workgroup name, and password. I want to explicitly force logging in to connect to a share. I want to block anonymous and other users who don't own a share from even seeing that share let alone copying the contents. The FreeNAS documentation suggests that not checking browseable offers very little security. If you aren't Andy, you shouldn't be able to read let alone see Andy_Backup. Maybe implementing that isn't possible. Someone else's backup is none of my business where restoring it on my computer is potentially illegal as well as a privacy issue. Note that I don't know what active directory is and I'm doing NT4 on the FreeNAS 11 server. There isn't a domain controller nor is the FreeNAS box a domain master. The passwords and usernames are easily going to be different on the Windows or Linux box than the FreeNAS 11 box. Nautilus is problematic because it doesn't allow connecting to a share as someone else or with a different password. I don't want a central authentication scheme for Windows where failure of the authentication server translates to not being able to use your own laptop or desktop machine. For this reason and because of my limited knowledge, I'm leery of implementing openldap or any other central authentication scheme. If only someone would implement a Windows, Linux, and Mac OS-X compatible alternative to CIFS that is secure. Seems like Novell Netware was better back in the day, not sure about now with Novell abandoning IPX/SPX in favor of TCP/IP. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
