A couple of days ago, I was dealing with the issue of trying to have home directories residing on Mac servers where the users would connect to these home directories which are auto created from their Mac workstations, but also, need these same home directories to be available for mapping via login script to the Windows clients.
The problem that I was faced with, which also matches my philosophy about security, was that everywhere else where I had created shares, I had them setup as hidden shares. Something makes me uneasy knowing that users would be able to just browse all shares (Even though they can’t really access them) if the shares are not hidden.
So, in all my Windows environments, where user data is on Windows shares, the path looks something like this:
D:\User\Students\%USERNAME% with a share point physically pointing to D:\User, and named user$, so the path to the user’s home directory from a UNC perspective would look like this:
Can you guess where the problem is on a Mac, trying to create the same type of share?
From my research, it doesn’t seem like it’s even possible to create a hidden share from Mac OS X Server, at least not natively. I have tried everything, from changing the name of the share to have a “$” sign in it, to changing the share name in the SMB protocol options. Non worked, or returned the expected result.
The solution ended up being a hack, it’s not permanent, as it will revert back to non hidden state if any changes are made to that share point, but, realistically speaking, once a share is created, it’s permanently there, or at least long term.
To make a share hidden on a Mac, so that Windows can access it, create the Mac share , and enable the SMB protocol, and specify the name of the share. To be consistent with the above example, we’ll name the sharepoint: “user”
Once the share is created, and all the ACLs are set, open up Terminal, and su – to root
then: cd /var/samba/shares
The share we just created above will show up in that directory, just rename that to user$:
mv user user$
Now, try to access the share like you would from Windows: \\servername\user$\students\%USERNAME%
You will notice that you are now able to do so without any problems.
Of course, this article is only explaining how to create a share, and not how to properly configure Samba. There is additional details that you need to be aware of when configuring Samba, mostly related to user authentication, especially, if the Macs are not authenticating to a common directory. This article can give a bit of an insight on how that works: http://www.samba.org/samba/docs/using_samba/appf.html