samba configuration file

[Koal.T]

Hi,

I am a bit mystefied when it comes to samba, so can you help create me a samba config file to do the following? thanks...

so the network is windows xp home or pro (mostly) , 2000 (a bit of), 98 (2 machines) or RHL9 (1 machine). there is also some freebsd web servers.

I want it to allow the windows users on the xp access to their folders on the rhl9 server.
the users are local users and there is no profiles. there are 5 users in total, and each pc has each user on the xp ones. the red hat also has the 5 accounts and root, the bsd and 2000 machines don't really need to be included in this.

so XPWS01\Fred needs access to \\server\fred or something which are located on /home/fred on the server and XPWS02\Fred also to be able to. XPWS01\Bob can access \\server\bob which is /home/bob. each 5 users has their own files... they can edit, make, delete, rename, etc all their files but only theirs and if they go to \\server\anne they can't read it unless they are anne.

an account (part of the 5 users) is called sysadmin who needs access to their own files, plus everyone elses. there also needs to be a shared folder like in windows xp. I want to be able to map the drives via a subst to z:/ for each user when they log in.

printers are attached to various computers and one is on a print server. I want to attach an HP deskjet 940c via USB or parallel to the red hat server and have that accessible to all the computers like the windows printers are now.

DNS wise, the internet firewall is 192.168.0.2 and the RHL9 server is 192.168.0.1 so the internet settings need to be set to the net firewall if that applies at all..

I hope you can help, thanks, Koal

[pbharris]

hi koal.
here is what i used to use, it should work mucj like you describe - i have not used it w/ rh 9 or MS WIndows XP though.

Code:

Global parameters
        workgroup = HARRIS
        server string = Samba Server
        security = USER
        log file = /var/log/samba/log.%m
        max log size = 50
        socket options = TCP_NODELAY
        dns proxy = No
        guest account = guest
        print command = lpr -r -P%p %s
        lpq command = lpq -P%p
        lprm command = lprm -P%p %j
        encrypt passwords = yes
        printcap name = lpstat
        printing = cups

[homes]
       comment = Home Directories
       path = /home
       writeable = yes

[printers]
        comment = All Printers
        path = /var/spool/samba
        print ok = Yes
        browseable = No

[tmp]
       comment = Temporary stuff
       path = /tmp
       guest ok = Yes

[lp]
        comment = Printer
        path = /var/spool/samba
        read only = No
        guest ok = Yes
        print ok = Yes
        printer name = lp
        oplocks = No
        share modes = No


[music]
       path = /oggs
       guest ok = Yes
       read only = Yes

[Koal.T]

can you set an admin XP user for that or only RH9 root can access all the folders?

[nukes]

If you're not comfortable with editing config files like this, I'd take a look at SWAT (Samba Web Administration Tool I think) its availiable from samba.org and may well already be installed on your system. It makes all this stuff easy. But anyway:
To specify which users can access each share, you need to set them up. To create a user, use smbuseradd (the binary name may be slightly different on your distro depending on the version of samba etc) To set a password for a user, use "smbpasswd username" where username is the name of the user.
Finally, to limit access to shares based on username do something like this in your /etc/samba/smb.conf:

Code:

valid users = fred
writable=yes

inside the share definition. This will give only the user FRED access to the share.
In addition to these things, you will need to set the security model to "user" but I've just accidentally deleted my /usr and can't boot atm to check the settings. Its all commented in the actual file. plus there's the man pages.

[flashingcurser]

One way off the top of my head (there is probably alot better way of doining this):

1. Make a user for the admin --dont call it admin--call it billy (or anything else).
We'll use the example user "dan"

2. Make a group for each user. Like this:
groupadd dan

After adding each group edit your /etc/group
vim /etc/group
--inlude billy and dan in the dan group

(dan will still be a part of the "users" group)

Do this for each user.

3. chown "dan" 's /home/dan from
dan:users
to
dan:dan
with
chown dan.dan /home/dan

4. Now to set permisions on the directorys, I would use this:
chmod 761 /home/dan

This gives read/write privliges to the "dan" group which includes dan and billy, and the owner has read/write/execute

this will give root complete controle (it always does ), it gives dan permisions to his own files (because he is the owner) and because billy is in each group he also has access to the files.

5. For samba I would use swat as mentioned above. From CLI:
lynx localhost:901
Or any webbrowser
Set up your shares through the web interface--also dont forget to add the users into swat/samba for passwords (client for ms logins) Make sure the user name and passwords are the same in win and linux for billy and dan (and others). Make sure regular users can access their own files.

6. Edit the samba.conf
vim /etc/samba/samba.conf
add to each share that billy needs access to:
guest ok = Yes
guest account = billy


Like I said there are probably much easier ways of doing it--this is just one way I could think of. Maybe others will come up with a better way.



dan

[flashingcurser]

Actually a better way is to use PuTTy in windows to make a SSH connection to your linux server. Login with a user and then su to do all your admin.

[Koal.T]

yea but too tricky for office workers (soho style)