Page 278 - DCAP602_NETWORK_OPERATING_SYSTEMS_I
P. 278
Network Operating Systems-I
notes In the following example a UNIX account is being produced for Alice. It details her full name (-c),
her home directory (-d) and prevents her from logging into the Linux server by allocating her a
false shell (-s). This account type will only allow Alice to access the server via the Samba network.
This entry is located in the /etc/passwd file.
[bash]# useradd -c “Alice Jones” -d /home/alice -s /sbin/nologin alice
Alice now requests to be allocated a password for accessing the Samba server. Remember, this is
a separate password to her UNIX account any may be different if necessary.
bash]# smbpasswd -a alice
New SMB password:
Retype new SMB password:
Added user alice
The above command adds (-a) an entry into the “smb password file” and encrypts the password.
Type “smbpasswd alice” to only change passwords.
Alice can now access the server over the network, though there are still no shares defined.
[bash]# grep alice /etc/samba/smbpasswd
alice:4732:01FC5A6BE7BC6929AAD3B435B51404EE:0CB6948805F797BF2A82807973B89537:[
U ]:LCT-41CFEFD8:
If Alice’s account needs to be deleted, the following command can be used. Otherwise her account
can be disabled (-d) or enabled (-e) as required.
[bash]# smbpasswd -x alice
Deleted user alice.
14.6.1 mapping Different usernames
There may be a requirement wherever the samba username being used to access the server does
not match the same UNIX account username, or you would like to force a change between the two
different account types. This can easily be done by implementing the “username map” directive
into the [global] section of the main configuration file.
[bash]# vi /etc/samba/smb.conf
[global] username map = /etc/samba/smbusers
The username map characteristic is fairly simple, the file takes a UNIX account name on the left
hand side and Samba account names on the right hand side (separated by “=”). The username map
allows those NT accounts listed on the RHS to be granted the access rights and file permissions of
the UNIX account on the LHS when they connect to a resource.
In the following example:
1. The NT usernames “administrator” and “admin” will be mapped to the UNIX “root”
account,
2. The NT usernames “guest”, “pcguest” and “smbguest” will be mapped to the UNIX
“nobody” account,
3. The NT username “alice” will be mapped to the UNIX “alice.jones” account,
4. All four NT Users (glen, fred, terry and sarah) will be mapped to the single UNIX “readonly”
account, and
5. The NT username “Lachlan Smith” will be mapped to the UNIX “lachlan” account.
272 LoveLy professionaL university
