Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
When I set security = share in samba, home directories do not show up in "my network places" on Windows boxes.
When I set security = user the appropriate home directory shows up for the appropriate user.
Problem is, security = share allows the window on the Linux box to open and populate very quickly, while security = user causes a delay of up to 30 seconds before the window is open and populated.
Ideally I could have fast response AND have the proper home directory appear. Anyone know how I should set things? Here is the global section of my smb.conf. Testparm is happy with it.
ldap ssl = yes
passwd chat = *New*UNIX*password* %n\n ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
passwd program = /usr/bin/smbpasswd %u
user = jiml,monica,lali,julie,jimuser
root preexec close = no
allow hosts = 192.168.0.
dns proxy = no
printing = cups
print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
default = homes
workgroup = HOMEGROUP
debug level = 0
os level = 33
printcap name = cups
security = user
max log size = 50
log file = /var/log/samba/log.%m
load printers = yes
smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
map to guest = never
domain master = no
encrypt passwords = yes
dead time = 0
password level = 0
printable = Yes
server string = Dadsbox
password server = %m
only user = yes
message command = csh -c 'xedit %s;rm %s' &
unix password sync = yes
domain logons = no
pam password change = no
netbios name = Dadsbox
remote browse sync=192.168.0.255
remote announce = 192.168.0.255
wins support = yes
dns proxy = no
The remote options are for sending browsing broadcasts to *another* subnet. If your Windows PCs are on the same subnet as your server then you should remove these.
Also, you should set the OS Level to 65. The default of 33 is so that any real Windows system will "outrank" your Samba server rather than Samba automatically taking control of network browsing. In this case you do want Samba to outrank all of the Windows systems and become browse master for your network.
Edit: Security = share is strictly to emulate Windows 95, so you should definitely set security = user.
The window is populated by the system using WINS or NetBEUI browsing to get a list of what's on the network.
You've already enabled WINS support on the the server, and this should work fine with the OS Level set correctly. You will also have to add the IP address of the Samba server in the WINS section of the TCP/IP networking properties (you need to click "Advanced" to get to it) on each Windows system - I forgot to mention this bit.
Making these changes has greatly improved performance of shares that have been mapped as network drives in Windows, but doesn't help at all when merely browsing shares via network neighborhood. I suppose I just have to live with it. Thanks for your help.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.