Samba Security

Hi guys, hope you can help me out.

Ive got samba server working "ok" on my linux box, but I have a concern.

This is what Ive done.

1. In smb.conf

security = user
encrypted passwords = yes
Created a share
public = no
valid users = root

2.I then ran smbpasswd
smbpasswd -a root <password>
I did this to add a password for root to the smbpasswd file.

Now, when I connect through using UNC path from a Windows box, it prompts me (which is good) for a valid username and password.
I enter in root for username and the password that I put in when I ran the smbpasswd command. This works.

Now the issue I have...........

If, from the windows box, I mapped a network drive to the above share on the linux box and input the same credentials, and get in successfully, which I do, but then DISCONNECT the share, and then even stop and restart the smb service on the linux box, and then just connect to the same share through UNC (eg.\\servername\sharename) WITHOUT putting in credentials, I DONT get prompted for username and password. It's as if the Samba server has recorded the ip address or some other identity from the computer from which I connected originally from. So, if on subsequent times I connect from that SAME windows box, I dont get prompted for credentials. This is a BIG concern for our company.

Is there some switch or line I have to set in the smb.conf file or some configuration I have to do on the samba server to STOP this from happening, and to ALWAYS ask or prompt for user credentials??????

Thanks guys.

You are the best.


Who is Participating?
pjedmondConnect With a Mentor Commented:
Hmm - Do you really want to type in "root" and then "password" every time you access a single byte of data fronm the samba server? How much time do you want to waste retyping in the username/password? What is the correct 'balance' between useability/security?

Have you ever wondered why Windows has the ability to 'logout'?

If you logout, then the password cache will get cleared.....however, on logging in, if the username/password that you've logged in as matches those required for the samba server, then connection will be 'automatic', and you will not be prompted for the username/password again.
jlevieConnect With a Mentor Commented:
The problem lies in the windows machine. Once you've authenticated sucessfully to the Samba server windows will cache that username & password. Within that windows session it will use the cached information for subsequent maps of the share. Logging out of windows, or rebooting if you aren't logging in to windows, will clear the cache.
Simon336697Author Commented:
Thanks guys.

All Courses

From novice to tech pro — start learning today.