Differences between version 35 and predecessor to the previous major change of SambaNotes.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 35 | Last edited on Monday, November 20, 2006 1:31:36 am | by BenStaz | Revert |
| Older page: | version 32 | Last edited on Friday, July 14, 2006 12:11:52 am | by AristotlePagaltzis | Revert |
@@ -28,8 +28,13 @@
The last one is important as many older firewall setups may not be aware of it, given that this port was only added to the protocol in recent years.
For more information on the use of port 445, go to http://www.petri.co.il/what_is_port_445_in_w2kxp.htm
+
+!!Allowing an entire group to access a samba share.
+Under the appropriate share in /etc/samba/smb.conf do:
+*valid users = @<group>
+
!!!Samba Strangeness (or "How do I fix this?")
!!Printing jobs from windows clients leaves a "ghost" job in the queue.
@@ -40,8 +45,17 @@
!!Unable to login to samba - logs show "nobody" being auth'd instead of user.
This is probably a symptom of having usernames with mixed case. If this is so, you need to modify the ~[global] section of smb.conf with the parameter <tt>username level = 3</tt>.
You may need more, depending on your pattern of usernames. This parameter tells samba to try at least $username_level initial caps in the supplied name. For example, I had a site where the username pattern matched Y~[0-2]name. In this case, I needed to set username level to 1, to catch the initial uppercase character. Needless to say this would not be necessary if Windows clients would behave and send the username exactly as provided...
+
+!!Rules to Remember Regarding Permissions.
+For a user in group 'leech' for example, if he wants to access a samba share, then to browse and access files, all parent directories must have their group permissions set as read and execute and either him or one of the groups he is in should own them. If not, then a samba client will not be able to access the share.
+
+Read permission ("r") means that you can list the directory- for example, use "ls" on it. But that's all it means. If you only have read permission on a directory you can't cd to that directory, you can't copy files to that directory etc.
+
+You need execute permission ("x") if you want to read files in that directory, copy it elsewhere, or delete it.
+
+If the group permissions are set to execute only, then the user will not be be able to browse the share but they will be able to directly access files. ie : supply a full path.
!!Print Queue in Windows 2000/XP shows "Access denied, unable to connect".
This drove me insane. I now have the answer:
