fedora-docs-l10n/fedora-system-administrat/f31/pages/_partials/servers/Samba — English @ Fedora Weblate: indexterm:[Samba,Security Modes,User Level Security] User-level security is the default and …

The translation is temporarily closed for contributions due to maintenance, please come back later.
The translation was automatically locked due to following alerts: Could not merge the repository.

Zen

Source string Source string

English

indexterm:[Samba,Security Modes,User Level Security] User-level security is the default and recommended setting for Samba. Even if the `security = user` directive is not listed in the `/etc/samba/smb.conf` file, it is used by Samba. If the server accepts the client's user name and password, the client can then mount multiple shares without specifying a password for each instance. Samba can also accept session-based user name and password requests. The client maintains multiple authentication contexts by using a unique UID for each logon.

Needs editing

This translation is currently locked.

Skip

	English	Actions
	Add groups that users can be members of:
	~]# groupadd -f users ~]# groupadd -f nobody ~]# groupadd -f ntadmins
	Associate the UNIX groups with their respective Windows groups.
	~]# net groupmap add ntgroup="Domain Users" unixgroup=users ~]# net groupmap add ntgroup="Domain Guests" unixgroup=nobody ~]# net groupmap add ntgroup="Domain Admins" unixgroup=ntadmins
	Grant access rights to a user or a group. For example, to grant the right to add client machines to the domain on a Samba domain controller, to the members to the Domain Admins group, execute the following command:
	~]# net rpc rights grant 'DOCS\Domain Admins' SetMachineAccountPrivilege -S PDC -U root
	Keep in mind that Windows systems prefer to have a primary group which is mapped to a domain group such as Domain Users.
	Windows groups and users use the same namespace thus not allowing the existence of a group and a user with the same name like in UNIX.
	Limitations of the tdbsam authentication back end
	If you need more than one domain controller or have more than 250 users, do not use the `tdbsam` authentication back end. LDAP is recommended in these cases.
	Primary Domain Controller (PDC) with Active Directoryindexterm:[Samba,smb.conf,PDC using Active Directory]
	Although it is possible for Samba to be a member of an Active Directory, it is not possible for Samba to operate as an Active Directory domain controller.
	Samba Security Modes
	indexterm:[Samba,Security Modes] There are only two types of security modes for Samba, _share-level_ and _user-level_, which are collectively known as pass:attributes[{blank}]_security levels_pass:attributes[{blank}]. Share-level security is deprecated and has been removed from Samba. Configurations containing this mode need to be migrated to use user-level security. User-level security can be implemented in one of three different ways. The different ways of implementing a security level are called _security modes_.
	User-Level Security
	indexterm:[Samba,Security Modes,User Level Security] User-level security is the default and recommended setting for Samba. Even if the `security = user` directive is not listed in the `/etc/samba/smb.conf` file, it is used by Samba. If the server accepts the client's user name and password, the client can then mount multiple shares without specifying a password for each instance. Samba can also accept session-based user name and password requests. The client maintains multiple authentication contexts by using a unique UID for each logon.
	In the `/etc/samba/smb.conf` file, the `security = user` directive that sets user-level security is:
	[GLOBAL] ... security = user ...
	Samba Guest Sharesindexterm:[Samba,Security Modes]
	As mentioned above, share-level security mode is deprecated. To configure a Samba guest share without using the `security = share` parameter, follow the procedure below:
	Configuring Samba Guest Shares
	Create a username map file, in this example `/etc/samba/smbusers`, and add the following line to it:
	nobody = guest
	Add the following directives to the main section in the `/etc/samba/smb.conf` file. Also, do not use the `valid users` directive:
	[GLOBAL] ... security = user map to guest = Bad User username map = _/etc/samba/smbusers_ ...
	The `username map` directive provides a path to the username map file specified in the previous step.
	Add the following directive to the share section in the `/ect/samba/smb.conf` file. Do not use the `valid users` directive.
	[SHARE] ... guest ok = yes ...
	The following sections describe other implementations of user-level security.
	Domain Security Mode (User-Level Security)indexterm:[Samba,Security Modes,Domain Security Mode]
	In domain security mode, the Samba server has a machine account (domain security trust account) and causes all authentication requests to be passed through to the domain controllers. The Samba server is made into a domain member server by using the following directives in the `/etc/samba/smb.conf` file:

Loading…

None

Source string added

English 0 characters edited

indexterm:[Samba,Security Modes,User Level Security] User-level security is the default and recommended setting for Samba. Even if the `security = user` directive is not listed in the `/etc/samba/smb.conf` file, it is used by Samba. If the server accepts the client's user name and password, the client can then mount multiple shares without specifying a password for each instance. Samba can also accept session-based user name and password requests. The client maintains multiple authentication contexts by using a unique UID for each logon.

4 years ago

Browse all string changes

Things to check

Long untranslated

The string has not been translated for a long time

Reset

Glossary

English	English
No related strings found in the glossary.

946208 String information

Source string description

type: Plain text

Flags

read-only

Source string location

./pages/_partials/servers/Samba.adoc:703

String age

4 years ago

Last updated

a year ago

Source string age

4 years ago

Translation file

pot/f31/pages/_partials/servers/Samba.pot, string 196

Shortcut	Action
`?`	Open available keyboard shortcuts.
`Alt` + `Home`	Navigate to the first translation in the current search.
`Alt` + `End`	Navigate to the last translation in the current search.
`Alt` + `PageUp` or `Ctrl` + `↑` or `Alt` + `↑` or `Cmd` + `↑` or	Navigate to the last translation in the current search.
`Alt` + `PageDown` or `Ctrl` + `↓` or `Alt` + `↓` or `Cmd` + `↓` or	Navigate to the next translation in the current search.
`Ctrl` + `Enter` or `Cmd` + `Enter`	Submit current form; this works the same as pressing Save and continue while editing translation.
`Ctrl` + `Shift` + `Enter` or `Cmd` + `Shift` +`Enter`	Unmark translation as Needing edit and submit it.
`Alt` + `Enter` or `Option` + `Enter`	Submit the string as a suggestion; this works the same as pressing Suggest while editing translation.
`Ctrl` + `E` or `Cmd` + `E`	Focus on translation editor.
`Ctrl` + `U` or `Cmd` + `U`	Focus on comment editor.
`Ctrl` + `M` or `Cmd` + `M`	Shows Automatic suggestions tab.
`Ctrl` + `1` to `Ctrl` + `9` or `Cmd` + `1` to `Cmd` + `9`	Copies placeable of a given number from source string.
`Ctrl` + `M` followed by `1` to `9` or `Cmd` + `M` followed by `1` to `9`	Copy the machine translation of a given number to current translation.
`Ctrl` + `I` followed by `1` to `9` or `Cmd` + `I` followed by `1` to `9`	Ignore one item in the list of failing checks.
`Ctrl` + `J` or `Cmd` + `J`	Shows the Nearby strings tab.
`Ctrl` + `S` or `Cmd` + `S`	Focus on search field.
`Ctrl` + `O` or `Cmd` + `O`	Copy the source string.
`Ctrl` + `Y` or `Cmd` + `Y`	Toggle the Needs editing checkbox.
`→`	Browse the next translation string.
`←`	Browse the previous translation string.