Linux Visibility on Microsoft Network

Rick Stevens rstevens at vitalstream.com
Mon Apr 19 20:52:37 UTC 2004 

Wesa, Richard (GE Consumer & Industrial) wrote:
> Rick,
> I still cannot map to any resources on the RedHat 9 server.
> On this Microsoft network should I be using 
> 	DOMAIN
> 	USER
> 	SERVER
> 	or SHARE security?
> Thanks... Richard

Sorry I didn't respond quickly, Richard.  I've been busy putting out
brush fires and getting beta code in some condition we can demo it in
(secret: NEVER tell your marketing department what you're working on--
they'll sell the bloody thing WAY before it's ready).

As to the security model--it rather depends on what your MS network
uses:

DOMAIN:	Your users are vetted by a Windows domain controller (WDC)
somewhere on your network.  If you use this model, you will need to
fill in the bits that tell Samba which WDC to use.

USER:	Each Windows user must ALSO have an account on the Linux box.
The user will be authenticated by Samba.  To use this, you must set up
user accounts for each Windows user, enable the "encrypt passwords =
yes" option in the Samba config file, and create a smbpasswd file on the
Linux machine.  Creating that file requires you to have the users'
cleartext passwords.  NOTE: If I recall correctly, your users' names all
start with a digit which is not permitted in Linux so this mode may be
unavailable to you.

SHARE:	Permission to access a given share is controlled by the access
settings on the share itself.  This includes things such as "guest ok = 
yes", "guest user = whatever", "authorized users = <list>" (also
requires the user accounts to be created and the smbpasswd file), etc.

Again, if you can tell me exactly what you're trying to do, the users
involved, the WDC (if you have one) and what client types (W98, ME,
that sort of thing) you have, I can try to brew up a file that'll do
what you want.

I'd recommend you send it to me directly (don't post it to the list)
and you may wish to encrypt it.  I am including my public GPG key below.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.3 (GNU/Linux)

mQGiBDtlxWARBACk+qhJ6hiwtCQepjNG1QoNpqSfbY0gBmSUIw0CmDBq42GUzCZU
eMzGzumhN/hY0PRJHrNcs/+LvDZrNyEcR5o8wi6rZVSyYZjEEbx0y7f8J0Y8tKhL
nhH4o9Fj/ruLiRAp4O90Rvsc8ZiqPnt8MCswlwh5kmYZ5kMG7Pty9nmwVwCgyR3A
OqGwkhGpf50pJpKA9lAJxhkD/0drjTY30D1oIsIgEIfMhsYKeqS30Onw5Fah5GRe
JAFQpiiNGQ6gIwhUyNj9tNXcS1O3r4Yw0t8LwJ4mjAlpsiV4cWAnsGPl4TTt/zGv
/Ioz+fAo/5fcRYBXELteWcr/TLMd3ioPUjMgIzTZog/MhpJs4hgnr+JvrSBBhsuD
/yJDA/9rWQGiIvUS3WqXJLxVesmvZFKDIVkzzcgsVg87E4bxE5Ag1iKKmYMpo4RT
ZKP+KLjtWTWtcEq0MDGjil9cxXYComU/wtmCbN5HrolFe1P9O2bi/DjEg3LhJIVA
VNuvt/OysIhP+PzYK4bYgGa5UjXaeC7lJaIOyFGz95sLu2RjDrQwUmljayBTdGV2
ZW5zIChPZmZpY2UpIDxyc3RldmVuc0B2aXRhbHN0cmVhbS5jb20+iFcEExECABcF
AjtlxWAFCwcKAwQDFQMCAxYCAQIXgAAKCRAzBJWzyVE6p649AJ9GYII7226v8vmW
auyXx44lwfSBHQCfSxZYDAOm3XLG5npB0LFtbGUkqsG5AQ0EO2XFZBAEAPQDDI6F
DtAVroCYzVJPmQeNnn/z/JvSSTdWpj2EseoIcajjESE7BnX3r5z4rQ9TnxiXA9Ip
CnJBuJc/yFW7x+fpkHbefKpssMjjPduKWETSDFfkF3KbukJm9nL0G1AqltyG+31v
so/O5hwqdFjYb2NBouKtX+mOpj0Tzemk5f3jAAMFA/4uS5A+9V6UXCdBPVOeUydR
NDFYkVUqZlXH187SwyLUTB7tE0m9kWV07xkLCIaTAAZYpUsctPPSixVavDlic5N2
ac48RwokIvXl1jBWxbhod4S2bBlcOEFjUx7djwGCogJwgYdPo79kYJtvHV6fNeKe
5ooRLIF/Jbdw+k/q2qotqohGBBgRAgAGBQI7ZcVkAAoJEDMElbPJUTqn5M0AnjKR
56wPEeMx7oqH3FgUKMVaEXBGAKCZ38mrv9fY3jn1Dn2yC0YRUPAhsZkBogQ4kofk
EQQA3BP/+teI1bl17RqLEOaMv9VZEjm7pRlw6kO5qihyO1Ny1xIk+yjNBlaFqI09
bYcIaqOKtIUNoYM3o2B0iG2AGzx+3cOYtfAkhPhGWRFNt9Zevxw//sEh+Eyc8x8V
xSegkpbC9SlWk3MFN/8EL8Anh4BMeRAirDbcWanDBtJoJhcAoMcfKiZ4/OueiunI
bnO2lh+BtyzfA/9XnMlQ8i4xkhZEDWlJMPbXfnkEC1tmp9M87J95hEfIOyiJPHSa
6EvMe7Byqp4igT5MHEgbBObEmtLS4vx4dDPJEeLUt36DtyFpSYSC9mFknxPWTGqO
/GUHI+aJb361EzNaGd88vv38bDUC/HTmnMsEhyXMg4CQltgRGWCj4RiIMQP/QosA
aYTcZQ5aG2BqLg+cbDU8YXdfGgQZd52QfOw/fK68BkOv4YTiJx8+6Vb2QKMQvEWa
Hq7wEE8LrDePl52zsz5rwMfZfTnYtjv/76fdVaHE5fDsw+eFfIUATqn0+DhyiS9S
kVHny1pQBDSRmQQU6QAM9BRt68zlXZTLCQXTbHe0J01hdHRoZXcgSiBHYWxnb2Np
IDxtZ2FsZ29jaUByZWRoYXQuY29tPohVBBMRAgAVBQI4kofkAwsKAwMVAwIDFgIB
AheAAAoJEAB9T/kYwkLAfaEAoIRX1aummGDARNOlzpmZTreAgdtYAJ0XBIDapKzd
B7liur+Dsj9xICWKUbkBDQQ4kofuEAQAp0GVQJ2lnJJrSvHYoqa0/Wv+TaGFC/L0
tbZsEcWUTfnALZqwwOldoSvkEPLkfe/dlSqTqT5rh7tZ3CFDm+NRou9hV7DdFrhL
tK/KfSAS9rf+g5ikqbftSAfzJ9QYvunz6k1/uufvwmOox44eGVIk07RTGRRawXxL
CnybWBz8k2sAAwUD/1PgNhH+ek46qUnW+xyPo5cxSQ3GJLehqOs3MWv4Rhkt/I6D
NM314zq2M22/OsqvKl3X+FnFb9JSL/M4EhBWxYYOpYpCbM0nB3ANCLQNpYtjNFr/
n55kV62+lWt3wysZfxb5hWmo0u6W88nqVnTe04zqLdvepfqeChkISGqwzY8OiEYE
GBECAAYFAjiSh+4ACgkQAH1P+RjCQsBqCQCgmLNjBbKkoqOrYgxJsj+1MHj3RYQA
n2lIZBrcAy/zqb3vSUHECap2DR8I
=uptT
-----END PGP PUBLIC KEY BLOCK-----
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-   Whoever said "Money can't buy friends" obviously never brought   -
-                        donuts to the office.                       -
----------------------------------------------------------------------

More information about the Redhat-install-list mailing list