Manualshelf

HP-UX HB v13.00 Ch-20 - CIFS

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Virtual Server Operating Environment (VSE-OE) LTU
11121314151617181920
HP-UX Handbook Rev 13.00 Page 20 (of 40)
Chapter 20 CIFS
October 29, 2013
Samba can be a workgroup server
A workgroup server is a server in an environment with several windows clients and servers,
which are not centrally administered. Samba can act as a workgroup server with three different
security levels:
security = share
this security level is one which is hard to understand as any valid password by any user to
any share can be used. HP does not recommend this security level.
security = user
this security level clearly validates users against their user databases. This can be the unix
passwd or the smbpasswd file, depending on the value encrypted passwords.
encrypt passwords = {yes|no}
depending on this value samba gets to know how to handle incoming passwords. If set to
yes then all passwords are encrypted and must be checked in the Samba encrypted
smbpasswd file. If set to no then Samba requires an unencrypted password that is checked
in the unix password database.
The default entry that samba_setup does for you if you choose workgroup server is encrypt
passwords = yes. Windows clients by default only will send an encrypted password. There
are registry changes required to have the client send a unencrypted password, but this is not
recommended.
After doing this basic configuration you may want to start the server, do some first access tests
and do additional configurations.
Starting the services
Besides the start scripts to start Samba during boot time HP offeres two other useful scripts to
stop and start Samba daemons: startsmb and stopsmb. These are located like all other Samba
binaries in /opt/samba/bin. View as well the table at the end of this chapter.
SWAT
The SWAT tool (Samba Web Administration Tool) is provided with Samba suite which can be
used to set up or change your Samba configuration in the smb.conf file via web access. In other
words it is an enhanced vi for smb.conf with a webserver frontend that offers excellent help to
each configuration item. You can modify globals, shares, and printers using SWAT.
The startup of swat should be enabled by appropriate configuration in the unix services (ruled by
/etc/nsswitch.conf) and /etc/inetd.conf. The entry in /etc/inetd.conf should look like:
swat stream tcp nowait.400 root /opt/samba/bin/swat swat
You can start swat from any web browser by entering the URL http://<sambaserver>:901. Then