Share: This parameter most closely emulates the Windows behavior so this

is the one that you might want to use. User mode also makes the

configuration a little more complex so it's better to stick with share level

security for now. If you plan to have shares that do not require the use

of a password then this is the easiest method to use.

Server: Under this method all the authentication is done by a remote

server.

Domain: Again all the authentication is done by a remote Windows NT domain

controller.

I am using Share level security because it is the easiest to implement. But

make sure that the under-lying Unix security and permissions are

solid. Only give clients access to designated safe zones on the server and

nothing more. Don't take the easy way out and allow guest access to your

home directory. Make a separate directory and put all the public files there.

The next keyword is required if you are connecting with Windows 9X/NT

clients. They require the use of encrypted passwords. They refuse

to connect with servers or clients that do not support encrypted

passwords. So your smb.conf must include "encrypted passwords = yes".

The next section is Homes. The purpose of this section is to allow remote

Windows clients to access their home directories on the server. The default

entries from the smb.conf file are used here and they work just fine.

Comment: This keyword can be used in all the shares that are defined to

give a longer description of the share. You can put anything you want here.

Create mask: Enter the file permission of the file that is created in this

share. This parameter can be specified globally and in the particular

share too. Here a mask of 750 will give full user access, group - read and

execute access and no access for others

Remember to restart samba everytime you change you smb.conf.

This would be

/etc/rc.d/init.d/smb restart <- Red Hat

/sbin/init.d/smb restart <- SuSE

SWAT

If editing smb.conf is a pain then you can use the Samba Web

Administration Tool ( SWAT ). It's just a web interface that you access

through the browser and allows you to use configure Samba behaviour as

well as add/remove/modify your shares. SWAT is started via inetd. Open

/etc/inetd.conf in your favourite editor. Go down till you see a line that

looks like the one below.