Samba, other non interactive accounts - noshell, nologin, or blank?


Conducting a user account cleanup accross Solaris and Redhat linux systems, many of which have a number of Samba shares.

What preference do people have for creating the local unix accounts for non interactive Samba users? In particular, the shell entry:

  1. noshell
  2. nologin
  3. blank

And why?



Don't do blank. That runs /bin/sh.

By : Joshua

I've always thought /bin/false was the standard. Some ISPs use a little menu system that lets them change their password / contact / finger info, check usages, etc. Whatever you use, you may want to add it to your /etc/shells file as well if you want the user to be able to use FTP for instance, as some services will be denied to users who are not using a shell listed in that file.

I have seen the shell set to the passwd command so that logging in only gives an opportunity to change the password. This may or may not be appropriate in your non-interactive user case, but it has the upside of allowing people to change passwords without bothering an admin.

By : Alex B

This video can help you solving your question :)
By: admin