Server Level Security (security = server)
To its clients, Samba pretends to be working in user level mode. However, it
passes all password queries to another user level mode server, which takes care of
authentication. This setting requires the additional password server parameter.
ADS Level Security (security = ADS)
In this mode, Samba will act as a domain member in an Active Directory environ-
ment. To operate in this mode, the machine running Samba needs Kerberos installed
and congured. You must join the machine using Samba to the ADS realm. This
can be done using the YaST Windows Domain Membership module.
Domain Level Security (security = domain)
This mode will only work correctly if the machine has been joined into a Windows
NT Domain. Samba will try to validate username and password by passing it to a
Windows NT Primary or Backup Domain Controller. The same way as a Windows
NT Server would do. It expects the encrypted passwords parameter to be set to
yes.
The selection of share, user, server, or domain level security applies to the entire server.
It is not possible to offer individual shares of a server conguration with share level
security and others with user level security. However, you can run a separate Samba
server for each congured IP address on a system.
More information about this subject can be found in the Samba 3 HOWTO. For multiple
servers on one system, pay attention to the options interfaces and bind
interfaces only.
19.5 Conguring Clients
Clients can only access the Samba server via TCP/IP. NetBEUI and NetBIOS via IPX
cannot be used with Samba.
19.5.1 Conguring a Samba Client with YaST
Congure a Samba client to access resources (les or printers) on the Samba or Windows
server. Enter the NT or Active Directory domain or workgroup in the dialog Network
Services > Windows Domain Membership. If you activate Also Use SMB Information
356 Reference
