Page 287 - DCAP602_NETWORK_OPERATING_SYSTEMS_I
P. 287
Unit 14: File Server
groups notes
Groups define a collection of computers or users which have a common level of access to particular
network resources and offer a level of granularity in controlling access to such resources. For
example, if a group qa is defined and contains the users freda, danika, and rob and a second
group support is defined and consists of users danika, jeremy, and vincent then certain network
resources configured to allow access by the qa group will subsequently enable access by freda,
danika, and rob, but not jeremy or vincent. Since the user danika belongs to both the qa and
support groups, she will be able to access resources configured for access by both groups, whereas
all other users will have only access to resources explicitly allowing the group they are part of.
When defining groups in the SAMBA configuration file, /etc/samba/smb.conf the recognized
syntax is to preface the group name with an “@” symbol. For example, if you wished to define
a group named sysadmin in a certain section of the /etc/samba/smb.conf, you would do so by
entering the group name as @sysadmin.
group policy
Group Policy defines certain SAMBA configuration settings pertaining to the Domain or
Workgroup computer accounts belong to, and other global settings for the SAMBA server. For
example, if the SAMBA server belongs to a Workgroup of Windows computers called LEVELONE,
then the /etc/samba/smb.conf could be edited, and the following value changed accordingly:
workgroup = LEVELONE
Save the file and restart the SAMBA daemons to affect the change.
Other important global policy settings include the server string which defines the NETBIOS server
name reported by your Ubuntu system to other machines on the Windows-based network. This
is the name your Ubuntu system will be recognized as by Windows clients and other computers
capable of browsing the network with the SMB protocol. Additionally, you may specify the name
and location of the SAMBA server’s log file by using the log file directive in the /etc/samba/
smb.conf file.
Some of the additional directives governing global group policy include specification of the global
nature of all shared resources. For example, placing certain directives under the [global] heading
of the /etc/samba/smb.conf file will affect all shared resources unless an overriding directive is
placed under a particular shared resource heading. You specify all shares are browseable by all
clients on the network by placing a browseable directive, which takes a Boolean argument, under
the [global] heading in the /etc/samba/smb.conf. That is, if you edit the file and add the line:
browseable = true
under the [global] section of /etc/samba/smb.conf, then all shares provided by your Ubuntu
system via SAMBA will be browseable by all authorized clients, unless a specific share contains
a browseable = false directive, which will override the global directive.
Other examples which work in a similar manner, are the public and writeable directives. The
public directive accepts a Boolean value and decides whether a particular shared resource is
visible by all clients, authorized or not. The writeable directive also takes a Boolean value and
defines whether a particular shared resource is writable by any and all network clients.
LoveLy professionaL university 281
