Nice explanation of what/how to do this, Donna. Say, can you set some
paver-stones for a patio (10' X 12' rectangle please)...I need to do
this at my house, and if you do it first and put the instructions here,
I'm sure I'll have no problems when I go to do mine.
8-)
Have a great week!
Ray Shahan
-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On
Behalf Of donna garverick
Sent: Tuesday, July 25, 2006 8:22 AM
To: [log in to unmask]
Subject: Re: [HP3000-L] Samba and a 918
--- Robert Mills <[log in to unmask]> wrote:
> The following is from the Samba 2.2.8a (sadly it requires that you to
> be on 6.5 or higher) page on Jazz:
the i&i products (including samba) tended to be pretty os version
independent. it's not a hard & fast rule...but usually you can get
away with putting i&i products on older releases of the os.
however....
> "Previous versions of Samba on MPE could only perform SMB
> authentication using plaintext passwords which certain versions of
> Windows could only support via the registry modifications described
< in the /usr/local/samba/docs/Registry directory. Because passwords
> were transmitted over the network in plaintext, this constituted
> somewhat of a security exposure that some customers were not willing
> to risk."
>
> I think that this might be the source of your problem.
i think so too....but (afaik) it has nothing to do with being on 6.0.
in order to log on as a specific user, you have to define that user to
samba. additionally, the password you give (when adding the user to
samba) has *nothing* to do with that user's mpe password (kinda spooky
:-) nor does this password have to comply with mpe requirements (like
length or character restrictions (even more weird)).
in the shell -- as manager.sys -- navigate your way to
/SAMBA/SMB228A/bin
the program you want is smbpasswd. here's the help text:
/SAMBA/SMB228A/bin: ./smbpasswd -h
When run by root:
smbpasswd [options] [username] [password]
otherwise:
smbpasswd [options] [password]
Version: 2.2.8a
options:
-L local mode (must be first option)
-h print this usage message
-s use stdin for password prompt
-c smb.conf file Use the given path to the smb.conf file
-D LEVEL debug level
-r MACHINE remote machine
-U USER remote username
extra options when run by root or in local mode:
-a add user
-d disable user
-e enable user
-m machine trust account
-n set no password
-x delete user
-j DOMAIN join domain name
-t DOMAIN change trust account password on domain
-S DOMAIN Retrieve the domain SID for DOMAIN
-R ORDER name resolve order
-W S-1-5-... Write the SID S-1-5-... to the secrets file
-X SERVER|DOMAIN Extract SID for SERVER or DOMAIN from the
secrets file
the option you want is '-a'. i've always added users in all upper as
USER.ACCOUNT. i'm not sure that case makes a difference...but otoh,
i've not had any problems. on the windows side, i can enter
'user.account' and it works. ymmv... you can do user mapping so that
'jdunlop' (from windows) becomes 'mgr.acct' for samba. it is an extra
layer of complexity so give it some thought before proceeding.
once this samba-only password is set for the user, you can't look it up
(it's encrypted) so select the password with care. oh -- and it's
case-sensitive too!
here's an example of how i typically set-up an account for samba:
[acct]
comment = config access for MGR.ACCT
# grant access to the ACCT account tree
path = /ACCT/
# require user validation by password
guest ok = no
# allow read and write access
write ok = yes
# create new files with rwxr--r-- permissions
create mask = 0744
# only accept connections as mgr.acct
valid users = mgr.acct
# check passwords against mgr.acct only
user = mgr.acct
only user = yes
# don't hide this share from network neighbourhood
browseable = yes
(i only allow guest in the default samba areas) hth - d
Donna Garverick, HP-CSA Sr. System Programmer
dgarverick -at- longs -dot- com
925-210-6631 Longs Drug Stores
Come, my friends, 'Tis not too late to seek a newer world.
Tho' much is taken, much abides; and tho'
We are not now that strength which in old days
Moved earth and heaven, that which we are, we are.
"Ulysses", A. Tennyson
>>>MY opinions, not Longs Drug Stores'<<<
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|