smb.conf (a little help please)

Justin Willmert justin at jdjlab.com
Fri Jul 28 13:19:46 UTC 2006 

jdow wrote:
> From: "Justin Willmert" <justin at jdjlab.com>
> ...
>>>> Generally I have found it's awkward to impossible to write to a
>>>> windows machine unless the account and smbpasswd entry match one
>>>> on the windows machine. Mounting usually works best if I use the
>>>> form that includes the username and password to use when mounting
>>>> the share.
>>>>
>>>> {^_^}
>>>>
>>>>     
>>> I have had the same experience... could not write to the directory
>>> unless the logon sequence was a user on the MS machine as well as the
>>> appropriate password. 
>>> Greg
>>>
>>>   
>> Let me guess, the MS machine was Windows XP Pro with simple file 
>> sharing turned off? You need to make sure the "Everybody" group has 
>> nearly full permissions when going to the security tab. Or (might not 
>> work; kind of guessing here) you can turn on simple file sharing, 
>> unshare the directory, reshare it (and watch permissions get applied 
>> to all the files), and then it might work. Then you should be able to 
>> mount the share with any username (except a windows-known user with 
>> incorrect password) and password and it should work.
>
> GACK! CHOKE! ARGH! Sinple file sharing is enough. But do NOT create
> an anybody group with a lot of permissions. Windows is open enough to
> cracking as it is. There is no sense opening it up even farther even
> if you hate the damn thing. Any hacked Windows machine is a pain in
> the sit down part of the anatomy for virtually every ISP and email
> manager in the world. Please don't create a risk of adding to that
> problem. {O.O}
When I said to set the Everybody group, I of course meant you do that 
only with Windows machines inaccessible from the internet, secured 
behind a firewall, and used for a small home network where there won't 
be more than 10 computers. If the network the Windows computer are on is 
in an environment where outside users can get into the network, then 
feel free to follow jdow's choking and don't allow the Everybody group 
permissions.

Just wanted to clear up what I meant. Many people on the list are 
probably in business environment, while I'm here at home fiddling with 
my home server before I go back to school. Different thought contexts.

Justin

More information about the users mailing list