If you are a Windows guy I think you can use the computer management MMC. It also is much nicer than the insanity you get with a "cifs sessions" on a busy filer.

You'd think a bunch of Sun and BSD guys would understand why stuff like regex. Please use ^D to delete this post...

Romeo Theriault romeotheriault@gmail.com wrote:

Any hints appreciated.

Hi John, If you want to configure local user accounts on the filer for your cifs users, when you run 'cifs setup' make sure you choose option 3, "Windows Workgroup Authentication". Then you can create a user account on the filer for that cifs user.

useradmin group add cifsonly -c "This group is for non-admin CIFS access" -r none useradmin user add appuser -c "Non-administrative CIFS-only user" -g cifsonly

Now, because of the way that the filers map windows id's to unix id's you still need to create an entry in the filers /etc/passwd file for the user you just created. Give it a unique uid and gid that are higher than the uid's and gid's that are currently in the /etc/passwd file and just give it a '/' as the home directory.

Example:

root:_K9..qPPDSr/2SCvwCSTSc:0:1::/: pcuser::65534:65534::/: nobody::65535:65535::/: appuser::65536:65536::/:

In my case, due to permissions issues, I needed to map my cifs user to root to get around a permission's issue. You probably don't need it but here is the syntax I used to do so.

*\appuser => root

Now you should be able to create a share, assign the appuser privs to it and they should be able to get in. If not you can turn on cifs login tracing like so:

options cifs.trace_login on

Good luck!

-- Romeo Theriault System Administrator Information Technology Services

Please be advised that this email may contain confidential information. If you are not the intended recipient, please notify us by email by replying to the sender and delete this message. The sender disclaims that the content of this email constitutes an offer to enter into, or the acceptance of, any agreement; provided that the foregoing does not invalidate the binding effect of any digital or other electronic reproduction of a manual signature that is included in any attachment.