I’ve tried different options to get a SAMBA Server with the following requirements on openSUSE 10.3 running:
Multi users from different Windows and Linux Hosts should be able to connect the SAMBA shares on the server.
Authentification should be based on an account basis
In most cases a set of SAMBA shares will be connected by batch script from the client
If a share is getting connected from Windows (e.g. XP) an account name and a password have to be provided
Additionally to the main SAMBA shares, some users should have the possibility to connect further shares with a second account and password, This should also work on XP clients.
I’ve tried on previous SUSE Linux versions to set up a SAMBA server and a second one listening to an IP Alias and split the access rights on that basis. But obviously I did not cover all required configuration options.
The last try was to use SAMBA netbios aliases and the general config option “include = /etc/samba/smb-%L.conf”. The first connection via the netbios name works, but when connecting via the netbios alias, always the netbios name occurs in the log.smbd
file.
A simple configuration works perfectly. Only second user with individual permissions does not work. Searching the Web results with different comments on XP not supporting 2 different SAMBA login accounts at the same machine at a single time.
I would be very happy about any comments on that topic, or any example configurations.
>
> Hello,
>
> I’ve tried different options to get a SAMBA Server with the following
> requirements on openSUSE 10.3 running:
>
>
> - Multi users from different Windows and Linux Hosts should be able
> to connect the SAMBA shares on the server.
> - Authentification should be based on an account basis
> - In most cases a set of SAMBA shares will be connected by batch
> script from the client
> - If a share is getting connected from Windows (e.g. XP) an account
> name and a password have to be provided
> - Additionally to the main SAMBA shares, some users should have the
> possibility to connect further shares with a second account and
> password, This should also work on XP clients.
>
>
> I’ve tried on previous SUSE Linux versions to set up a SAMBA server and
> a second one listening to an IP Alias and split the access rights on
> that basis. But obviously I did not cover all required configuration
> options.
>
> The last try was to use SAMBA netbios aliases and the general config
> option “include = /etc/samba/smb-%L.conf”. The first connection via the
> netbios name works, but when connecting via the netbios alias, always
> the netbios name occurs in the log.smbd
> file.
>
> A simple configuration works perfectly. Only second user with
> individual permissions does not work. Searching the Web results with
> different comments on XP not supporting 2 different SAMBA login
> accounts at the same machine at a single time.
>
> I would be very happy about any comments on that topic, or any example
> configurations.
>
> Thanks in advance for any support,
>
> Michael
>
>
Michael;
Is this a domain or simple workgroup?
I’m not sure if this will work for you, meet your requirements or even work.
Consider it a speculative suggestion. In Windows, it is possible to assign
different credentials for different servers. control panel–>user
accounts -->advanced–>manage passwords. Thus if you use the “netbios alias”
configuration in samba, the user would connect with different credentials to
different NetBios names (I think). You can use the “valid users” to control
the shares. I do not think this, from a security point of view, is much
different than simply limiting share access on a per user or per group basis.
But I think it will show up in the logs as two different users attaching to the
shares. From Linux a credentials file should provide similar behavior.
I’m afraid I do not quit grasp the difference between what you want and simply
controlling share access via user or group. i.e. group “peon” can access
shares A,B and C and group “bigcheese” can access shares A,B,C,D and E.