22.7. Samba Security Modes
22.7.1. User-Level Security
security = userdirective is not listed in the
smb.conffile, it is used by Samba. If the server accepts the client's username/password, the client can then mount multiple shares without specifying a password for each instance. Samba can also accept session-based username/password requests. The client maintains multiple authentication contexts by using a unique UID for each logon.
security = userdirective that sets user-level security is:
[GLOBAL] ... security = user ...
184.108.40.206. Domain Security Mode (User-Level Security)
[GLOBAL] ... security = domain workgroup = MARKETING ...
220.127.116.11. Active Directory Security Mode (User-Level Security)
smb.conf, the following directives make Samba an Active Directory member server:
[GLOBAL] ... security = ADS realm = EXAMPLE.COM password server = kerberos.example.com ...
18.104.22.168. Server Security Mode (User-Level Security)
smb.conf, the following directives enable Samba to operate in server security mode:
[GLOBAL] ... encrypt passwords = Yes security = server password server = "NetBIOS_of_Domain_Controller" ...