SAMBA shares - Share security

[shadow_man]

Hi,

Anyone know if its possibly to mix security types in your SAMBA config.

e.g. security = share (unix credentials) for one share and security = ads (for AD auth on another share).

I've got old shares that I don't really want to change the way they auth for, will probably break a ton of things.

IF not possible then I guess i'll switch all shares to domain users and have to do it that way, was just curious if you could set security on a PER share level and not globally.

 

[Nod]

You could try the "auth methods" parameter.

This option allows the administrator to chose what authentication methods smbd will use when authenticating a user. This option defaults to sensible values based on security. This should be considered a developer option and used only in rare circumstances. In the majority (if not all) of production servers, the default setting should be adequate.

Each entry in the list attempts to authenticate the user in turn, until the user authenticates. In practice only one method will ever actually be able to complete the authentication.

Possible options include guest (anonymous access), sam (lookups in local list of accounts based on netbios name or domain name), winbind (relay authentication requests for remote users through winbindd), ntdomain (pre-winbindd method of authentication for remote domain users; deprecated in favour of winbind method), trustdomain (authenticate trusted users by contacting the remote DC directly from smbd; deprecated in favour of winbind method).

Default: auth methods =

Example: auth methods = guest sam winbind

 

[shadow_man]

You could try the "auth methods" parameter.

Thanks,

That looks good too!

For now i've opted for security = ads with valid domain users per share and then for the shares where I don't need domain access i've opted for guest = yes