Versions: Samba 4.1.6 on Ubuntu 14.04.03 LTS.
I want my server to serve up two Samba shares with only the client IP address as authentication. That is: the client’s IP will determine if it is allowed to access the share. (My LAN has static IP’s for all clients.)
This is what worked for me – your mileage may vary. Samba’s configuration file in Ubuntu is /etc/samba/smb.conf.
I have several users in the ‘mediausers’ group. One of them is ‘media’. Files changed through the Samba share will have ‘media’ as their owner and ‘mediausers’ as their group. Note that the user ‘media’ must be able to access the physical path. It must have at least execute rights (‘traversal rights’ in Windows terms) on all parent folders.
In ‘hosts allow’ place all IP’s that need access. Samba is fairly easy about it’s format. You could say 192.168.1.5, 192.168.1.6, 192.168.1.7 or 192.168.1.0/24 or 192.168.1.0/255.255.255.0, any would work. On a side note: ‘allow hosts’ would also work.
The [global] section must contain:
server role = standalone server map to guest = Bad User
[music] path = /var/media/music force user = media force group = mediausers read only = No hosts allow = 192.168.1.5, 192.168.1.6, 192.168.1.7 [videos] copy = music path = /var/media/videos
After changing /etc/samba/smb.conf always do
This will show you any error in your configuration file. Read testparm’s output very carefully. Press Enter to have testparm show you an overview of the effective configuration. Once there’s no more errors do
service smbd restart
to load the new configuration and test from your client if everything works as expected.
Samba’s logfiles are usually in /var/log/samba so check there for errors.