Craig White wrote: > On Fri, 2008-10-03 at 15:48 -0700, Eric Shubert wrote: >> Craig White wrote: > >>>>> Are you saying this operational configuration is not possible or just >>>>> a bad idea? >>>> Sounds like it'd be possible using Share-Level Security "security = share". >>>> See >>>> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ServerType.html#id2552417 >>>> >>> ---- >>> NO - don't use security = share >>> >>> Craig >>> >> I don't think would, Craig. >> >> Question though, is how does one use samba authentication (aka standalone >> server with separate authentication) while already logged into a windoze domain? > ---- > Yes, Windows domain authentication is designed to give a single-sign-on > authentication method and if the samba server is not connected to the > domain either via security = [server | ads ] or via winbind, it's going > to be a bit confused of a setup. > > If the samba server is not joined to the domain, then I would set the > workgroup of that samba server to something other than the Windows > domain and set security = user and then each user would have to > authenticate to it separately as the domain credentials would be > meaningless. Sort of like having a Windows XP Home system which is also > not capable of participating in a Windows Domain security model. > > I have on occasion resorted to stupid dos command line scripts to > connect Windows XP Home systems like this (from memory, please verify) > > net use f: \\SERVER_NAME\SHARE /USER:SAMBA_USER_NAME > > and it will prompt for the password and that script can be put into > 'Startup' to execute on login. > > Also, managing users/groups separately is another burden as now you > would have at least two places to maintain when adding/deleting users > and groups. > > Craig > I suspect for this scenario you'd also want to use domain master = no domain logons = no in the configuration, yes? -- -Eric 'shubes' --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss