Security Options
Of the security options settings, the first (Security) is the most important one to get right. It defines the type of security used to give access to the shared file systems and printers to the client comput- ers. (To see some of the fields described here, you need to click the Advanced view.)
Security - Sets how password and user information is transferred to the Samba server from the client computer. As noted earlier, it's important to get this value right. Samba versions 2.0 and later have a different default value for security (security=user) than the earlier versions of Samba do (security=share). If you are coming from an earlier version of Samba and clients are failing to access your server, this setting is a good place to start. Here are your options:
user - The most common type of security used to share files and printers among Windows 95/98/2000/NT/XP clients. It is the default set with Samba in the current release. This setting is appropriate if users are doing a lot of file sharing (as opposed to a Samba server used mostly as a print server). It requires that a user provide a username/ password before using the server. The easiest way to get this method working is to give a Linux user account to every client user who will use the Samba server, therefore providing basically the same file permissions to a user account through Samba as the same user would get if he or she were logged in directly to Linux.
share - The share value for security works best for just print sharing or for providing file access that is more public (guest sharing). A client doesn't need to provide a valid username and password to access the server. However, the user typically has a guest level of permission to access and change files. See the sidebar "Assigning Guest Accounts" in this chapter for further information.
server - From the client's point of view, this is the same as user security in that the client still has to provide a valid username/password combination to use the Samba server at all. The difference is on the server side. With server security, the username/ password is sent to another SMB server for validation. If that fails, Samba tries to validate the client using user security.