Linux: Set permissions to Windows network computers - windows

Im working on a linux server at work and I wanted to find out how to set certain permissions to Windows users connected to that server.
Im trying to assign permissions to windows machines connected to the linux server?
This is how the network is setup... There are different computers that are connected in a network, that connects to a dedicated lunix (debian) server. On the server there is a shared folder that all of the computers can access.
What I would like to do is set a read & execute permission to a certain computers in that Windows network. Is there a way to set certain permission to a specific computer by its Computer Name (Full computer name, ex. Garys-pc) and Workgroup Name through the linux system to set certain permissions?
How can I do this? Im a novice with the linux operating system so I would appreciate any help with this. Any advice will be appreciated.

The smb.conf(5) man page, VARIABLE SUBSTITUTIONS section, details all variables that can be used in the configuration file. These variables can be used in an include directive in order to include other files that can modify global behavior.

Related

clearcase: shared dynamic views in windows

Clearcase in unix allows 'export views', which non-clearcase users can mount via nfs.
Can a similar feat be achieved with the windows version? I want to use windows filesharing on a dynamic view, so that the MVFS will be mounted on one system, and all other computers could simply use windows filesharing to mount it (readonly if that matters).
No, the help page "Configuring non-ClearCase access on Linux or the UNIX system" clearly states:
Non-ClearCase access is not supported on hosts running Linux or the UNIX system and Rational ClearCase LT, or on any Rational ClearCase Windows host.
I would rather try and use a snapshot view on Windows, which you can then share (regular windows folder share) on your disk in order for others to access.

Copy Files from Remote RDP to Local Machine [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
Is there a way I can launch a RDP session to a remote Windows server, and perform a file transfer to the local computer? Versions of the remote Windows Server varies. Ranges anywhere from 2000 to 2008.
I've tried to look up solutions and it seems scattered everywhere. Some suggest using mstsc.exe, others suggest PowerShell / Java / ASP Net. I'm confused. Appreciate some guidance here.
Thanks!
Update Below: 17 Feb 2012
Thanks for all suggestions. Would like to add that the remote servers are securely locked down and I'm not allowed to install SSH servers, FTP servers, or shared drives. The only way for accessing the remote machine is through RDP, and these machines are also on separate VLANs to which only authorised users can use RDP to access these machines. I'm trying to create a script that can help authorised users to download the required files.
You can map a drive using remote desktop.
Options > Local Resources > More
Ctrl + C at the Remote Desktop, and Ctrl + V at local, if you not looking for any automated solution. (Please check RD Config to enable copy and paste)
Once you have mapped the drives you want using mstsc, you can use \\tsclient to access the file system of the local machine i.e the Terminal services client from which you have RDP'ed on to the remote box.
If all you are trying to do is copy file from a remote box, just do \\machine\c$\path etc or share the folder and do \\machine\share to get them. RDP is not necessary in this case.
Once you have mapped the needed drives as Andy says, you can execute remotely a LOCAL batch file every time you connect specifying it's local path (using \\tsclient\c to refer your local drive) in the Programs tab at RDP properties.
Remember to write cmd /c before that path.
The rdp connection will automatically close once the batch file ends, but you can add the pause command to the end to see what happened during execution.
Connecting this way, you can edit the batch file before connecting.
Make sure your remote Machine enabled PSRemoting by running the following command in PowerShell
Enable-PSRemoting –Force
From the client computer, run the following command to establish the connection.
net use "\\{RemoteIP}\c$" "{Password}" /USER:"{Username}" /persistent:no
Here after you can use Copy-Item, Delete-Item over the network.
Copy-Item [PACKAGEPATH]\* \\[COMPUTER]\c$\installers -recurse
In Client machine, Run->mstsc.exe-> Local Resources-> enable clipboard.
In remote machine-> windows run command (Windows Key + R).
Open cmd->(Taskkill.exe /im rdpclip.exe) type brackets command
You got "Success", then
Type same command prompt "rdpclip.exe"
Now copy and paste both, its working fine
You can copy and paste files over RDP, it works perfectly. See http://www.reddit.com/r/sysadmin/comments/1d6a1o/til_you_can_copy_and_paste_files_over_rdp/ for more info.
eug wrote what I thing is an extremely useful comment that seems to have overlooked by everyone:
You can very easily share a single folder by using subst to map it to a drive letter, and then selecting that drive in remote desktop.
Note that it's fairly easily to have problems with this method due to subst performing the mapping only for the user under which it is run.
So I recommend to run everything from a single command prompt:
Open a command prompt (Win+R -> cmd)
Type subst <lettertomap>: <pathtofolder>
Type mstsc (which launches Remote Desktop)
Keep in mind that the subst mappings are not persistent across reboots, of course, so this is mostly convenient for a one-time session of file transfer.
There are actually also other ways to do the mapping, see raymond.cc .
And yes, the mapping does seem to disallow access to the rest of the drive, although I wouldn't bet my life that it doesn't have chroot-like "vulnerabilities" (assuming it is supposed to be secure in the first place).
1) Install dropbox or equivalent cloud storage product and sync needed files that way between computers. Remember, you can allow only certain folders to be synced on specific devices (you don't have to sync the entire dropbox, just the folders you need)
2) If you are allowed to setup more than one user on the remote server, have a 2nd user and then have user2 session connect rdp session to user1. This will keep the user1's gui alive in the cloud without having to remain logged in to rdp locally.
This video should show you how to implement this 2 user setup on your server to hold an rdp session open. Note that this does 'permanently' use 1 rdp session until you decide to close it.
[markdown cannot embed video :( ]
Then use AmmyyAdmin AnyDesk on user1's desktop to connect and manipulate the desktop. This includes using AnyDesk's file manager's ability to browse any folder you need and copy. AnyDesk can be free if you connect via direct IP connection. Most vps servers have dedicated IP addresss or subdomain address so this should not be a problem. Good idea to password protect your AnyDesk login and which IDs have access to unattended remote connections. The AnyDesk file manager is a bit crude, but it works. Their big thing is simplicity and speed.
Note: Use portable mode only on the remote user's desktop; Do NOT fully install AnyDesk. Also, the CPU usage might increase to stream the desktop screen, somewhat related to the size of the RDP window. I am using 1280 x 2048 window with 4 cores and the CPU usage is 22-25% idle or moving things around. This might decrease if there is more video ram or graphics processor on the target server. But, if you only "browse files" (use only the file manager without streaming the desktop), CPU usage >0.3% idle and >1 avg% when transferring files (burst up to 5-6% when the file is finished uploading and the pieces are being finalized).
You'd have to write your own scripts (java, .net, c#/c++, AutoIT, etc) to launch AnyDesk locally and automate the connecting and downloading specific files.
This strategy is a bit more complex, but it should do the job. Not sure why microsoft rdp cannot have some simple, quick file manager like what ammyy admin AnyDesk has; oh well.
Add: Can also use AnyDesk or Teamviewer. Teamviewer became a lot more restrictive on what is considered to be "non commercial use", but Anydesk is secure, much smaller footprint, and if you can have a direct connection doesn't seem to care too much about usage. If you do need a license, it will be much lighter on the wallet.
AnyDesk works flawlessly without any installation required. In fact, if using in a server environment as I described above, no installation is recommended.
Edit: AmmyyAdmin is no longer recommended for several months now due to some security and technical concerns. Added AutoIT as a scripting capability to automate interaction with GUI/nearly any windows function.

automatic Samba share script

I have an Ubuntu 10.04 server running Samba.
I want to write a script (for Linux or Windows computer) that, given the IP of this server and the path of the shared Samba folder, can automatically create a "network drive" icon on the desktop. Both machines are on a local network.
I realize this will be different for linux/windows.
Any suggestions? I'm just not sure where to start. Thanks!
For Windows machines, you want to look at net use. For instance, to map the share "Data" on 192.168.0.2 to Z:, you'd write net use Z: \\192.168.0.2\Data. There is a lot of options, so check net help use for a complete list. For instance, you might want to look at /persistent, which would automatically recreate the share every time you log in.
Or you could put this in a .BAT file which is executed when logging in.
On linux, I think you'd generally have to be root to do this, as it'd require a mount command. I know some desktop environments (such as GNOME) get around this, but to acually mount it you need root. The command to mount the same share at the mountpoint /mnt/Data would simply be mount //192.168.0.2/Data /mnt/Data, if you allow anyone access. If you require a logon, you need to add -o User=YOURUSER. You will then be prompted for a password.
(Note that this requires the CIFS/SMB drivers to work)

Setting Permissions on files shared between Linux and Windows on EMC Celerra

I have an EMC Celerra filesystem shared between Windows and Linux Clients. User A on a Windows client creates a directory and set of files and User B on a Linux client is to modify and/or delete these files; however the files and directory to not have write permission for anyone other than the original owner. If this was on a Linux NFS share, I could use umask to set the permissions to allow group write permissions. Is there a way for the Windows client to set the correct permissions on the files when created? Or is there a way to do this on the EMC Celerra? I can write a script to perform a chmod on the Linux side but wanted to avoid this if possible.
Thank you,
JP20036
Old question, but if you are managing the Celerra share via Windows you can set permissions there and you can set it so that any user has wright permissions pretty easily from the share creation wizard. Try recreating the share and coming at the permissions that way (obviously OP is no longer looking for an answer, but just in case anyone googles it).

Determine logged on user on a remote Windows machine

Is there a way to determine who is logged on to a particular (remote) machine given the IP address (or the workstation name) of the machine?
The machines in question are on an Active Directory Domain
The user running the script probably won't have any special rights on either their local or the remote machine
Operating system is Windows XP
Any programming language is fine but ideally
VBScript (yeah I know)
C#
Java
DOS Batch file
PSloggedon from SysInternals will provide this from a batch file, however the user would require admin access on the remote machine. I doubt you can get this information without Administrator access.
Difficult to do depending on the permissioning on the machine. One way is to query WMI on the remote machine and check the owner of the explorer.exe process.
You don't need admin access. Just use net apis.
ask on news://194.177.96.26/comp.os.ms-windows.programmer.win32
where it's a FAQ

Resources