Samba

Tue Apr 4 19:54:15 UTC 2006

On Tuesday 04 April 2006 20:38, Craig White wrote:
> here's my issue - that I see OP asking a question and the answer is
> wrong and doesn't even comport to man page - obviously your answer
> didn't comport to man page because you couldn't find the right man page.
> In fact your answer was to tell him to use 'security = user' accompanied
> by an awkward explanation which didn't begin to solve his problem.
>
I have said from the start that my experience was not from the man page you 
quoted.  Here's my issue - you argue endlessly, but you do not give the 
original posters a solution to their problem in language they can understand.

> force user and force group are apparently valid options for
> 'security = share' and probably a likely candidate for a a really simple
> minded 'guest/public' setup.
>
> I don't use 'security = share' and never have. I am sort of vague on
> it's usage and I know that some of the samba developers would like to
> remove it entirely because of the confusion it causes and has been the
> topic on many occasions on samba list. Nonetheless, the section that I
> quoted from smb.conf is definitive and relevant.
>
I do not use it myself, for the same reasons.  Also, I did not doubt your 
quotations - I simply did not know where you found them.  Yes, you did give 
the correct man page by name - I'm guilty of doing what we all do from time 
to time, reading what I expected to see, which was 'samba man page'.

> > In the past, when the windows machines on my lan were win98 boxes the
> > users always felt to be logging in transparently, because they were
> > passing their windows login, and could not do anything else.  Since W2K,
> > of course, all that has changed, but it's no hardship to log in once for
> > a session, and I believe that it is a simpler way to have a semblance of
> > security.
> >
> > As always, YMMV
>
> ----
> once again, you have given confusing if not inaccurate. If the user and
> password and workgroup are the same, a Win98 and a Win2K connection to a
> 'security = user' samba would be handled in the same manner so I fail to
> see what you mean by 'all that has changed'
>
Since I do not use 'security = user' that is irrelevant.

> One of the differences between 'security = user' and 'security = share'
> is that a Windows client can access different shares with different
> passwords in 'security = share' but not with 'security = user'
>
The point I was making was that the user on a win98 box was often unaware that 
he was logging in.  IIRC the norm was for the windows login details to be 
passed to samba for authentication, without the user necessarily being aware 
of it.

This thread is not helping either of the original posters.  Please give them 
the simplest instructions you can.

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060404/8a0aaa7e/attachment-0001.sig>