22.7. Samba Security Modes
22.7.1. User-Level Security
security = userdirective is not listed in the
smb.conffile, it is used by Samba. If the server accepts the client's username/password, the client can then mount multiple shares without specifying a password for each instance. Samba can also accept session-based username/password requests. The client maintains multiple authentication contexts by using a unique UID for each logon.
security = userdirective that sets user-level security is:
[GLOBAL] ... security = user ...
188.8.131.52. Domain Security Mode (User-Level Security)
[GLOBAL] ... security = domain workgroup = MARKETING ...
184.108.40.206. Active Directory Security Mode (User-Level Security)
smb.conf, the following directives make Samba an Active Directory member server:
[GLOBAL] ... security = ADS realm = EXAMPLE.COM password server = kerberos.example.com ...
220.127.116.11. Server Security Mode (User-Level Security)
smb.conf, the following directives enable Samba to operate in server security mode:
[GLOBAL] ... encrypt passwords = Yes security = server password server = "NetBIOS_of_Domain_Controller" ...