download

Network Services—Local Network ServicesAuthenticationThe recent example shows that we can set up shares for specific users that wouldbe authenticated over the network and granted access according to specifiedaccess policies.SAMBA can authenticate users with a local password database, or a password serverthat you may configure for this reason. The password server can be a WindowsActive Directory, Windows NT Domain Controller or even LDAP.In most simple deployments, administrator chooses the local password databaseto store user passwords. This local password database can be maintained using thesmbpasswd(8) utility. Using this utility you can add, delete, enable, disable, andchange users' password for the users you configure to access SMB shared overthe network.# smbpasswd –a babakNew SMB password:Retype new SMB password:startsmbfilepwent_internal: file /usr/local/etc/samba/smbpasswd didnot exist. File successfully created.Added user babak.This will add a new user named babak to samba's local password database at /usr/local/etc/samba/smbpasswd.In the local authentication scheme, the user should also exist in thesystems password database (the /etc/passwd file) before you canactually add it to SAMBA's password database. Otherwise, it fails to addthe user.Samba Web Administration Tool (SWAT)SWAT, as the name mentions, is the web administration tool to manage SAMBAconfiguration such as managing shares, users, and so on.SWAT makes your life easier, on busy servers in which you have many shares orusers to manage. SWAT is also lightweight and fast, and best of all it does not needany third-party web server to run. It has its own web request handler, and can beenabled in a few seconds using the inetd daemon. All you need to do is to modifyyour /etc/inetd.conf file and start/restart your inetd daemon. The configurationline for swat already exists in the /etc/inetd.conf file (the last line of the file) andall you have to do is to un-comment it:swat stream tcp nowait/400 root /usr/local/sbin/swat swat[ 246 ]