B.6 Security Implications

If you plan to implement Samba on your network, be aware of the following security implications:

B.6.1 Universal Password

By default, Samba uses Novell Universal Password (UP) for authentication. Changing the default UP setting is not recommended because the alternative Samba hash method is not as secure.

Before using Samba, you might want to investigate the implications for using Universal Password as documented in Issues to Watch For in the Novell Modular Authentication Services (NMAS) 2.4 Administration Guide.

Alternatively, you might choose to provide Windows users with file services using Novell Client software, Novell iFolderĀ® 2.1x, or NetStorage. For more information, see File Services in the Novell OES SP2 Planning and Implementation Guide.

For more information on Samba password options, see Section B.5, Samba Passwords.

B.6.2 Samba Access Vs. Novell Client Access

Samba uses the POSIX/Linux security model. Novell Client software and other NCP access methods use the NetWare security model.

Providing similar access priviledges for both Samba users and Novell Client (NCP) users, requires additional steps as explained in Aligning NCP and POSIX File Access Rights in the Novell OES SP2 Planning and Implementation Guide.