[GLLUG] Is there a Windows equivalent to /etc/fstab?

Thu Oct 12 16:31:27 EDT 2006

As far as your Microsoft networking issue: 

Mapping a drive letter is old school, you should be able to use a UNC path (
\\server\share\path\file )in just about any modern application. When the
connection is attempted a authentication token, based on the user making the
request (in this case the service user), is passed to the host server who
then handles the authentication. The token is checked to see if it is
trusted at each level, first the share permissions which most people set to
administrator=full everyone=read/write letting the next level, the file
permissions, handle the finer grained control. And so the permissions of the
host server's share and files need to have the account of the client
process/user added appropriately. 

The easiest thing to do is to create a domain account with no special
permissions, add it to the "Run as Service" group and change the service to
start with this new account. Then add this account to the share and files on
each remote server your service will be accessing. If you would rather not
add a domain account, I have had success in the past creating a local
service account and then adding this account on the remote server's file
permissions referencing the account like so
ServiceServerName\ServiceAccountName .

If you are having problems running your service under an account other than
System, it will be because your service does not have permission to
something it touches; registry settings, files, network shares. The quick
way to test this theory is to add this service account to the Local
Administrators group (make sure it is also in the run as service group). It
should start without a hitch. Check the event logs if it does not. 

You can also try starting your service manually using RunAs ( RunAs /? ).
You will find the command line used to start the service in the following
reg key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ServiceNameOrGUID\Image
Path

Working mostly with Windows, I find their security model finer grained and I
almost want to say ... better. With windows, every registry key, folder,
file, share, device, whatever maintains it's own list of users or groups and
their permissions. These permissions are specific to each thing (13
different permissions just for a file). 

Correct me if I'm wrong, with Linux everything is a file with folder and
executable bits, one owner id, one group id and read, write and execute
permissions based on owner, group, and world (everyone else). And then there
is root, who supersedes all permissions.

This area has always struck me in an ironic way when people try to compare
the security between Windows and Linux. I would love to hear someone else's
views as to whether Linux strikes the right balance between ease of use and
security. 

. Nathan

-----Original Message-----
From: Andy Lee [mailto:ALEE at courts.mi.gov] 
Sent: Thursday, October 12, 2006 12:18 PM
To: linux-user at egr.msu.edu
Subject: [GLLUG] Is there a Windows equivalent to /etc/fstab?

I need to create some persistent connections to network shares from
Windows servers, and haven't been able to figure out how to do it, so
I'm hoping someone here might have done something similar. The problem
is that Windows shares are tied to a log in, and the server generally
isn't logged in. I want to somehow store the credentials so that a
network share can be mounted and available to all user accounts on this
machine. On Linux I would just add an entry to /etc/fstab (with the
credentials in a different chmod 600 file ), but I can't find a Windows
equivalent. 

Anyone know?
_______________________________________________
linux-user mailing list
linux-user at egr.msu.edu
http://mailman.egr.msu.edu/mailman/listinfo/linux-user