Re: samba query

Hi,

How can I make samba only accept log ins, if the password
supplied by
the client, matches that username on the server? eg. blank or wrong
passwords shouldn't be allowed access to the server, so how do I
enablethis? It seems samba by default accepts blank passwords,
and lets the
client mount the share, or even if the password is wrong.

Also, will this behaviour that I am asking about be compatible
with win
xp? I'll add a user on the linux server, with the same user name
as the
xp one, will the xp client be able to connect?

Thanks,
Dan.

This works fine for me.  You might simply be missing a line in your config file or something.

In your smb.conf:

    # Guest account
    guest account = smbguest

    # Security mode
    security = user

    # Passwords
    encrypt passwords = true
    smb passwd file = /etc/samba/smbpasswd
    unix password sync = Yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
    pam password change = yes

    # User authentication
    username map = /etc/samba/smbusers
    obey pam restrictions = yes

    # Anonymous users mapped to guest user
    map to guest = bad user

In your smbusers file, map Linux usernames to Windows usernames:

    smbguest = "guest"
    myuser = "My User"

So the Windows user "My User" would get mapped to the Linux user myuser.  You can specify passwords for the Samba users using smbpasswd:

    smbpasswd -c /etc/samba/smb.conf myuser

And just replace /etc/samba with the path to your smb.conf file if it is different.

This works fine for me from Windows XP.  When I access a Samba share I get prompted for the password, and if I put in an incorrect password then I get re-prompted a few times and eventually locked out (technically I get mapped to the Samba guest user, but my guest user has no access).  If I put in the correct password then itall works fine.

Hope this helps.

    - Dave


Relevant Pages