I am have a small Ubuntu based file server running in a small business. I set up Samba and I can log in to the server and RW files to the directory on the server from the windows machines. There is, however, another folder within the shared directory which has privileged access permissions. There are 2xWin98 and 8xWinXP machines. Most of the computers are set up to log in as a "normal" user (aka they can RW everything but that one folder). Is there an easy way to be able to switch users so that the privileged user can access that folder from any computer?


Recommended Answers

All 8 Replies

You need to look at the file /etc/samba/smb.conf and you will see the current configuration for the users and shares they are able to access. You would have to change the configuration for the restricted shares to match the unrestricted shares and restart the samba service.

I may need to clarify. I have set up Samba with multiple users, and the server side is working fine. I can log in as different users on different computers and access protected files depending on the user logged in.

My issue is with the Windows client side of the program. I can log in once but in order to log out or switch users I have to log out of my Windows session or restart the computer. Is there a way, in windows, to easily switch users?

Either that or is there some way to make samba prompt a login screen when a protected file is attempted to be accessed, so that a privileged user can log in and access the file or directory?

OK sorry I misunderstood the original question. In this case you could use the Tools, Map network drive, option from explorer along with the samba rights. Then when you create the connection from windows you click the "Connect using a different user name." that is available and put in the inforamtion for the user that is allowed access.

For example on my server at home I have two seperate shared connections to the same directory. For most of the users normal windows logins I set up a connection with read only access to /var/nfs which has the windows name of "Public". However I have a second connection also to /var/nfs called "Admin" that has read/write privileges and only the user rod has access. If I try to connect to it from a standard user it prompts me for user name and password and if I put in my username and password I get access for read and write.

If this is not what you need let me know either here or you could send me a Private message with the samba config attached and I could make a few suggestions.

The way you have your setup is something similar to what I want. I'll pm you my smb.conf file shortly.

Here are some of the entries from the bottom of my smb.conf file. Remember that either # or ; makes the line into a comment.

        path = /var/nfs
        writeable = yes
;       browseable = yes
        valid users = jordan, rod

        path = /var/nfs
        writeable = no
        browseable = yes
        valid users = jordan, kep, lisa, rod

        path = /var/tftpboot
        browseable = yes
        writeable = No
        guest ok = yes

Based on this windows sees the following shared directories on the server: nfs, share, and REMINST.

Windows users map to samba users like this:

Rodney                rod
Jordan                jordan
Lisa                  lisa
David Mitchell        kep

nfs - Can only be attached to by Windows systems without entering a password by Jordan and Rodney and can be written to by both of them. If you browse the windows network you will not see the nfs mapping no matter what user you are you have to know where it is to attach to it. If Rodney or Jordan are on a Windows system logged in as someone else they can still attach to the nfs directory by mapping a network drive (say N:) to the server \\srvr4\nfs and connecting using the option for using a different user name and putting their name and password in.

share - Can only be read by the users Rodney, Jordan, Lisa and David Mitchell but not written to. Anyone browsing the windows network will see the server and if they click the server they will see a directory available called share but only systems logged in as the above users can connect to it by default. Other users wiuld have to attach using one of the four users that have access.

REMINST - Can be seen and read by anyone that connects to the server.

Hope that makes sense.

That does make sense. However, is there a way to easily log off of a samba share in general from windows XP other than logging off the windows session or restart?

Why is browseable commented out on the first instance of the nts directory?


However, is there a way to easily log off of a samba share in general from windows XP other than logging off the windows session or restart?

I am not sure. The only thing I can think of is to map it as a network drive and disconnect when you are done. That will drop the login as a specific user and the mapping so they wuld have to reconnect and supply a password.

Why is browseable commented out on the first instance of the nts directory?

It makes the share invisible to un-authenticated user when browsing the server. Basically it does not show as a possible connection for un-authenticated users if you connect to the server via My Network Places, View Workgroup Computers, Samba on SRVR4 and browse the available shares. Until you authenticate as a user with rights to the share it is invisible and you have to know it exists and put \\srvr4\nfs as the location to map a network drive.

Took about three runs to get that sounding right.. I think I confused myself writing that one LOL......

Let me know if it does not make sense....

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.