Buck -----Original Message----- From: shrike-list-admin@xxxxxxxxxx [mailto:shrike-list-admin@xxxxxxxxxx] On Behalf Of Ow Mun Heng Sent: Sunday, September 28, 2003 10:25 PM To: shrike-list@xxxxxxxxxx Subject: RE: File Server irritants (newbie) >>1) Prevent users from logging in at the keyboard of the server. >Keep the server under lock and key.. :) There might be other alternative but as far as I go. I go with LOCK. As soon as I setup a second Linux box, I'll start learning sash and set the server up to work without a keyboard, mouse or monitor. After that I can store my server under my desktop and my Linux workstation/test machine on the desk. Any stray that doesn't crawl under the desk would never know it was there. As for the business server, I am thinking of building a fan-vented cabinet to lock it in. In Windows, I can restrict users from accessing the computer locally, but I can't use it without keyboard, mouse and monitor. LOL >>2) Each user's private directory has Linux OS (I guess) related >Create a Shell script to transverse through all the directories and delete those files!! OR... look into /etc/.skel This >is where _all_ the files in user directories will be copied from. I am only dealing with about a maximum of 15 users on two networks. I can delete the files as I add the users. After the initial setup, I'll just add one user about once or twice a year. No big problem. It isn't a problem to just delete them. >>3) Somewhere in the mix I setup a public directory. Users have >What exactly do you want here? I don't understand. Something in Samba... I commented out the section and eliminated it. >>4) I have a folder and account setup called pcguest. "bad-user" >>defaults to that folder but has not access in it. Samba has a "bad-user". This is the default (i think) for the below reasons <snip> # If you want users samba doesn't recognize to be mapped to a guest user map to guest = bad user <snip> This means that for users that are not authenticated in your server (meaning, their username/pass combo is not in Linux's Passwd/smbpasswd file then they will only have read access (if you grant it to them) >>5) What am I not thinking of? >In my setup, I have a share folder made especially for users to share files across the lan. Everyone can have write/read >access. It's like the /tmp folder in Linux. This seems to be the most popular folder. Yes, I thought of that too. I created a group called "employees" which has an "employees" folder. This is shared by all users in case they need or want to share. I am weighing the idea of creating a cross-corporate folder, but I have one user, the owner of the business, likes to hang out at KAZAA and other areas that reduce security. I decided to get a separate cable router and server for each network to share the same cable-modem. I am considering adding a Ethernet card to my workstation so I have direct access to both networks at the same time. Thank you for your response. Buck -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list