1

I have 100 users. So i need to create a samba folder for each user to access to personal folders with individual username and password.

I will create them with the following format (in smb.conf samba version 4.7.6-Ubuntu)

[finance]
comment = finance PC
path = /home/user/finance
writeable = yes
browseable = no
read only = no
create mask = 0774
directory mask = 0777
valid users = finance
admin users = finance2018

[secretary1]
comment = secretary1 PC
path = /home/user/secretary1
writeable = yes
browseable = no
read only = no
create mask = 0774
directory mask = 0777
valid users = secretary1
admin users = secretary11976

The problem is that I have 100 users (for each PC). Then I must create 100 linux users, 100 users for samba (with 100 passwords) and 100 individual folders.

Is there any way to make this task easier?

acgbox
  • 2,200
  • Possible same answer from this one will help you create a script for this, https://askubuntu.com/questions/536977/create-a-user-for-samba-only-cli – Bernard Wei Jul 23 '18 at 20:58
  • @BernardWei Not the same question. Totally different – acgbox Jul 23 '18 at 21:04
  • 2
    Actually, the proper way to do this is to use LDAP to manage your users and configure samba to use LDAP. You can start by looking at this, https://help.ubuntu.com/lts/serverguide/samba-ldap.html.en – Bernard Wei Jul 23 '18 at 21:11

2 Answers2

1
  1. In theory unlimited. The hardware is your limit.
  2. Samba supports a [homes] setting. See chapter 9 in the manual.
[homes]
    browsable = no
    writable = yes

The [homes] share is a special section of the Samba configuration file. If a user attempts to connect to an ordinary share that doesn't appear in the smb.conf file (such as specifying it with a UNC in Windows Explorer), Samba will search for a [homes] share. If one exists, the incoming share name is assumed to be a username and is queried as such in the password database ( /etc/passwd or equivalent) file of the Samba server. If it appears, Samba assumes the client is a Unix user trying to connect to his home directory.

That is likely to be the easiest to manage method for lots of users.

We have a users group (GID 100) you can use to group those users and apply settings to that group.

But the more obvious way would be to use active directory if you have that. Setup almost totally on the Windows side and not on the server.

Mind the part in bold.

Rinzwind
  • 299,756
  • Its explanation is not very clear. I would appreciate more specific details. I do not want anything with Active Directory. I have fixed "browseable = no" to "yes", according to your suggestion. Thanks – acgbox Jul 23 '18 at 21:08
  • You create users in the system and then use the above parameters in samba so you do not need to add each user to the samba config – Panther Jul 23 '18 at 22:43
  • The 3 lines in the answer. There are 3 lines and an explanation of what they mean. There is nothing more to add or explain – Panther Jul 23 '18 at 23:06
  • Please do not respond with something that is already in my configuration file. Thanks – acgbox Jul 18 '19 at 17:21
  • 1
    Please tell me where in your config do you have a [homes]? The answer and the link provides state: The [homes] share is a special section of the Samba configuration file. you do NOT have that do you? Please tell me where in your question do you have that? – Rinzwind Jul 18 '19 at 17:28
  • In my [global] smb.conf template, [homes] is disabled, because it can represent any account and could create a share for root, bin, sys, uucp, etc. This is an unnecessary security problem and if I activate it I must take preventive measures to protect the server (like: invalid users = root bin daemon adm sync shutdown halt mail news uucp operator, among others) I'm not saying that your answer is not a good alternative. I'm just saying that if the asset, it can eventually bring me more problems than benefits. – acgbox Jul 18 '19 at 21:06
0

A simple bash script: (read man seq) 

#!/bin/bash
for i in $( seq 1 100 ) ; do  printf "%s\n" "[user$i]
comment = user$i
path = /home/user/user$i
writeable = yes
browseable = no
read only = no
create mask = 0774
directory mask = 0777
valid users = user$i
admin users = user12018
"
done
waltinator
  • 36,399