Hi folks. I’ve just registered here to ask this:
I’ve got openSUSE 11.4 x64.
I’ve got Samba 3.5.7.
The point is to hide the shares that are inaccessible to a particular user.
In a config file, I added the access based share enum = yes parameter, but the problem is that thai it doesn’t make any sence: the shares with restricte access are visible by everyone.
Here’s my smb.conf (kind of):
[global] workgroup = COMPANY realm = COMPANY.COM server string = MyServer netbios name = MyServer security = ADS map to guest = Bad User deadtime = 1 load printers = No printcap name = /dev/null disable spoolss = Yes show add printer wizard = No logon path = \%Lprofiles.msprofile logon drive = P: logon home = \%L%U.9xprofile os level = 0 local master = No domain master = No dns proxy = No idmap uid = 10000-40000 idmap gid = 10000-40000 template shell = /bin/bash winbind cache time = 1440 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind refresh tickets = Yes printing = bsd cups options = raw print command = lpr -r -P'%p' %s lpq command = lpq -P'%p' lprm command = lprm -P'%p' %j [TestFolder] path = /var/TestDir valid users = ivanov, petrov, sidorov write list = ivanov, "@Domain Admins" create mask = 0666 directory mask = 0777 hide unreadable = Yes access based share enum = Yes
Furthermore, an smbclient -k -L MyServer run from a notebook which is not in AD lists all the shares on MyServer.
The filesystem rights to /var/TestDir are 777, though it shouldn’t matter, according to a share enum parameter description in man pages. AD DS are deployed on a Windows Server 2003, wbinfo -g and -u list domain users and groups correctly.
What am I doing wrong? How to hide shares which are inaccessible to a particular user?