Manualshelf

System information

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR
71727374757677787980
60 Deploying Samba on IBM Eserver BladeCenter
Global security settings
The global security settings will look similar to what is shown in Example 4-3.
Example 4-3 Global security settings
security = user
; password server = <NT-Server-Name>
encrypt passwords = yes
smb passwd file = /etc/samba.d/smbpasswd
The parameters are described in Table 4-3.
Table 4-3 Security parameters
The security modes are as follows:
򐂰 Share - in this security mode, clients only need to supply the password for the resource.
This mode of security is the default for the Windows 95 file/print server. It is not
recommended for use in UNIX environments, because it violates the UNIX security
scheme.
򐂰 User - the user/password validation is done on the server that is offering the resource.
This mode is most widely used.
򐂰 Server - the user/password validation is done on the specified authentication server. This
server can be a Windows NT server or another Samba server. Each username must be
associated with a UNIX user.
򐂰 Domain - this is the same as server security level with the additional requirement that the
server is part of a domain. All user/password validation is done by the Primary or Backup
Domain Controller. Since the server is part of a domain, it can anticipate in trust
relationships. Also, Samba generates a UID and GID based on the information returned
by the Primary Domain Controller.
How to create the encrypted password file and manage user IDs is discussed in 4.3,
“Encrypted password file” on page 76.
Global name resolution settings
The global name resolution settings will look similar to what is shown in Example 4-4.
Example 4-4 Global name resolution settings
name resolve order = wins lmhosts bcast
wins support = yes
; wins server = w.x.y.z
Parameter Description
security This parameter affects how clients respond to Samba. The four possible
values are: share, user, server, domain. Default settings is user.
password server When the security parameter is server or domain, Samba will do all
username/password validation via this SMB server. The parameter value
must be the server NetBIOS name.
encrypt passwords This parameter controls whether Samba uses the Encrypted Password
Protocol when negotiating with clients. This is required to communicate with
Windows NT Service Pack 3, Windows 2000, and Windows 98 clients.
smb passwd file This parameter specifies the encrypted SMB password file.