< Day Day Up > |
New variables in the Samba configuration file
As with the current version of Samba, the behavior of Samba 3.0 and Linux depends on the configuration as defined in the main Samba configuration file. In Red Hat Linux 9, that file is located in /etc/samba/smb.conf. Samba 3.0 includes a number of new defaults as well as newly configurable variables.
The following highlights will give you more of a feel of what you can do with Samba 3.0. The behavior of some of the variables that you've seen in this book changes for Samba 3.0.
encrypt passwords: Passwords are now encrypted by default. If you want to accommodate those older Windows operating systems that can't handle encrypted passwords, you'll have to add the following line to smb.conf:
encrypt passwords = no
winbind uid, winbind gid: These variables have been replaced by idmap uid and idmap gid. The new variables support mapping to NT user and group SIDs.
add user script: This command is replaced by add machine script; the default version of this command no longer assigns the computer account to any specific group.
Naturally, there are a number of new variables that you might find useful when you incorporate Samba 3.0 into your network. Some of the more interesting variables related to user names and passwords include the following:
add group script: Supports creation of Windows Domain groups on the local Linux computer. Closely related to delete group script.
add user to group script: Supports adding a Samba-enabled user to a Windows Domain group on the local Linux computer. Closely related to delete user from group script.
auth methods: If you have multiple user name/password authentication databases, this variable allows you to set the search order.
passdb backend: Allows you to switch between password databases. The default uses the smbpasswd command. You can also set up this variable to look at the passwd.tdb database for a stand-alone server, or a database that conforms to LDAP.
realm: Lets you specify the Kerberos 5 server to use for authentication with an associated LDAP database.
set primary group script: Allows administrators to set a primary group for a new user.
You can also use several new Samba configuration variables to manage the files that are shared with clients on the network. Some of these variables include the following:
hide special files: Linux includes a number of special files that you may not want to share, such as devices.
hide unwritable files: You can minimize the frustration of some users by hiding readonly files from browse lists. Naturally, this is not a good idea if you've shared a directory that is supposed to be read-only.
map acl inherit: Supports mapping from a Microsoft Windows ACL.
No comments:
Post a Comment