Setting up samba shares.

scjvsTP · 02-01-2006, 12:16 PM

Ok, here is what I want to do. When you connect to the Samba server on a Windows machine, there will be a Home folder and the printer I have shared visible. Guests are allowed to access the printer but not the Home folder. When a user opens the Home folder, Windows will ask for their user name and password and then show them their folder on the Samba server. Users folders are stored in the /smbshares directory. In the directory is a folder with the same name as the corresponding username. Can anyone tell me how I can achieve this? Right now, if you open the Home folder it just lists all the users share folders. Here is my smb.conf file so far.

Code:

[global]
	workgroup = TP
	map to guest = Bad User
	unix password sync = Yes
	printcap name = cups
	add user script = /usr/sbin/useradd -m %u
	delete user script = /usr/sbin/userdel -r %u
	add group script = /usr/sbin/groupadd %g
	delete group script = /usr/sbin/groupdel %g
	add user to group script = /usr/sbin/usermod -G %g %uadd machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u
	logon path = \\DARLAP\smbshares\%U
	logon drive = P:
	logon home = \\DARLAP\%U
	domain master = No
	wins support = Yes

[Home]
	comment = Users home directory
	path = /smbshares/
	valid users = %U
	admin users = root
	read only = No
	create mask = 0600
	directory mask = 0700
	inherit acls = Yes
	only user = Yes
	veto files = /aquota.user/groups/shares/

[print$]
	comment = Printer Drivers
	path = /var/lib/samba/drivers
	write list = @ntadmin, root
	force group = ntadmin
	read only = No
	create mask = 0777
	directory mask = 0775
	guest ok = Yes

[LaserLexmark]
	comment = LaserLexmark
	path = /var/spool/samba
	printer admin = root
	read only = No
	create mask = 0700
	guest only = Yes
	guest ok = Yes
	printable = Yes
	printer name = LaserLexmark
	use client driver = Yes
	oplocks = No
	share modes = No

Dudydoo · 02-01-2006, 02:29 PM

Just glancing over your config file, under the [Home] share, I think you need 'path = /smbshares/%U'

Dmjmusser · 02-01-2006, 06:20 PM

If you want the Samba users to ONLY be able to see THEIR one share, then you'll want to do something a bit differently.

There is a meta-service (share) in Samba called [homes]. You might want to use this instead of creating your own share called home. What will then happen is this:

-the user will direct their explorer browser to the server
-Samba will then prompt the user for their username/password
-once authenticated, the user will see their home directory share and the printing services that you've set up.

Here's an excerpt of my smb.conf file:

[homes]
comment = My Home Dir
valid users = %S
read only = No
browseable = No

Create your Samba and Unix usernames, and you'll be all set. You don't need to worry about options like read only = or writeable = or create mask =, as no one but the user will be able to see their home share.

~Myles

scjvsTP · 02-02-2006, 11:50 AM

Thats not quite how I want it to work. The way it should work is like this.

User connects to server on Windows. They are not yet prompted to login. This is so anyone can use the printer without a username or password.

A folder called Home is visible, when you go to open this folder, you are prompted for a username and password. The user then logs on, and are redirected to their home directory.

amitsharma_26 · 02-02-2006, 12:44 PM

Quote:

Originally Posted by scjvsTP

Thats not quite how I want it to work. The way it should work is like this.

User connects to server on Windows. They are not yet prompted to login. This is so anyone can use the printer without a username or password.

A folder called Home is visible, when you go to open this folder, you are prompted for a username and password. The user then logs on, and are redirected to their home directory.

You could achieve exactly this by setting up your samba server in security = share mode. Due to this you could get prompted for password on folder.

For printer you could set map to guest access or guest only access by setting up proper parameters.

Now we some intersting things to do..
First You have to go to network neighbourhood to look for your home folder & you have to set your home metaservice name to some other than by default [homes], you could set it as [home].

I'll post more & detailed info on this tommorow.

I am in a hurry right now. Sorry.

Cheers
Amit..

scjvsTP · 02-02-2006, 01:08 PM

I am getting closer. I added security = share to the [global] section and now it requires the user to log on when trying to access the folder. The only problem is that it never logs on. It acts like the username and/or password is incorrect. I haven't changed any user account options, and I have been able to log on to the server when I had it set up slightly different before.

amitsharma_26 · 02-03-2006, 01:03 AM

Now you should refer to your logs & just see how does the communication occurs in share mode. By the time you'll understand how does it work, you would get it solved.

Otherwise post your logs.

scjvsTP · 02-03-2006, 11:00 AM

I looked in my log.smbd file and there wasn't anything in it relating to logging on. I cleared the file then tried logging on again. Nothing was added to it. Are there any log files that I don't know of.

Dmjmusser · 02-03-2006, 01:07 PM

I've got a number of log files for my Samba server. Check the /var/log/samba directory and see if there are any more log files in there for ya.

~Myles

amitsharma_26 · 02-04-2006, 05:45 AM

You should specify customised logging key-value pairs to get logs as you need them.

Kindly go thru the last section of my blog.. www.amitsharma.linuxworld.com/how_to_samba.htm for exact configuration.

After doing that, do again your normal samba working & then refer your samba logs & post them.