this point, we should discuss how Samba authenticates users. Each
user who attempts to connect to a share not allowing guest access
must provide a password to
make a successful connection. What
Samba does with that password—and consequently the strategy
Samba will use to handle user authentication—is the arena of
security configuration option. Samba currently
security levels on its network:
server, and domain.
Each share in the workgroup has one or more passwords associated with it. Anyone who knows a valid password for the share can access it.
Each share in the workgroup is configured to allow access from certain users. With each initial tree connection, the Samba server verifies users and their passwords to allow them access to the share.
This is the same as user-level security, except that the Samba server uses another server to validate users and their passwords before granting access to the share.
Samba becomes a member of a Windows NT domain and uses one of the domain’s domain controllers—either the PDC or a BDC—to perform authentication. Once authenticated, the user is given a special token that allows her access to any share with appropriate access rights. With this token, the domain controller will not have to revalidate the user’s password each time she attempts to access another share within the domain. The domain controller can ...