samba in wide-scale usage

Justin Weissig jweissig-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Wed Sep 28 17:13:43 UTC 2005


I have implemented Samba in a medium sized office for about 200
people. Mainly used as home directory (H drive) and mass storage for a
windows 2000/XP network.

Items you will want to research:

Samba ACL - Allows you to use complex (i.e. many users & groups per
file) windows permissions using the Linux file system. (
http://www.google.ca/search?q=samba+ACL )

Samba winbind - allows Samba to access the domain controllers for
authentication. This also allows domain users to login to the machine
using their domain accounts, pretty cool. (
http://www.google.ca/search?q=samba+winbind )

I would suggest setting up a test box with Samba + ACL + winbind and
see how it works with your network.

- Justin


On 27 Sep 2005 22:57:30 -0400, Tim Writer <tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org> wrote:
> "Chris Friedt" <Chfriedt-0jnyayh6ARPqzrOJbVgLALDks+cytr/Z at public.gmane.org> writes:
>
> > Hi everyone,
> >
> > This is addressed to anyone out there using samba in a WIDE SCALE.
> >
> > i.e. anyone using a class B subnet or greater, which links up two
> > hundred or so computers of differing OS's
>
> One of our clients has Samba servers in 30 branch offices across the country,
> linked by VPNS, with a total of about 250 users.
>
> > I'm asking because we may be hosting some multi-platform access to
> > existing 'network drives' and printers.
>
> What do you mean by 'multi-platform'? Just different version of Windows or a
> mix of Windows, Linux, proprietary UNIX, Mac, etc.? I ask because I generally
> wouldn't recommend Samba as a solution for Linux and UNIX file sharing
> primarily because it doesn't support the UNIX permission model well.
>
> > I vaguely recall that Samba can automatically supply the correct
> > network printer driver based on the client OS,
>
> Yes, for Windows printer drivers, although it's been a while since I've done
> this.
>
> > but one of the people higher up have said that security is an issue with
> > Samba.
>
> That's a pretty vague statement. Windows networking (SMB/CIFS) is full of
> security issues. Samba has equivalent functionality and arguably a better
> security track record than the native Windows solutions. If you must go with
> Windows networking, Samba is a good solution (better than the native Windows
> solutions, IMO).
>
> Having said that, I wouldn't recommend you use Windows networking if security
> is a significant concern. I definitely wouldn't use Samba (or Windows SMB)
> file services to deliver files over the Internet or in a public access
> environment, such as a library.
>
> > Has anyone been able to look at the security aspects of Samba in
> > great(er) detail?
>
> I hope the above was helpful. I would need to know a lot more about your
> application to be able to help further.
>
> --
> tim writer <tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org>                                  starnix inc.
> 647.722.5301                                      toronto, ontario, canada
> http://www.starnix.com              professional linux services & products
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list