Hi all,
I have a Debian server with Samba running on it. I would like to access it throught another computer (Windows 7).
My Samba config is very simple:
smb.conf
Code:
[global]
include = /etc/samba/dhcp.conf
workgroup = WORKGROUP
server string = %h server
dns proxy = no
interfaces = 192.168.1.0/24
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = smbpasswd
obey pam restrictions = no
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
guest account = nobody
invalid users = root
usershare max shares = 0
use sendfile = yes
deadtime = 15
[Local]
comment = Media Share
path = /var/www/local
browseable = yes
guest ok = yes
create mask = 0744
inherit owner = yes
hide dot files = yes
writeable = yes
veto files = /lost+found/
[LocalW]
comment = Media Share
path = /var/www/local
browseable = yes
guest ok = no
create mask = 0744
inherit owner = yes
hide dot files = yes
writeable = yes
veto files = /lost+found/
[Public]
comment = Public Share
path = /var/tmp/Common
browseable = yes
writeable = yes
guest ok = yes
create mask = 0744
When I'm on the windows 7 computer and I try to access an other Windows 7 computer that appears in "Network", I can see the shared folders. If I try to access some of them, it ask me for an user/password (depending how the sharing is made).
My
goal is to have the
same behavior on my Samba server as between two windows 7 computers !
So what?
Now, with the config above, the Samba server appears as expected in the "Network" list of my Windows 7 computer. If I try to access the Samba server, it ask directly for an user/password. I don't want to enter a password at this level, so I enter something wrong and I can access the list of shared folders. Then, I want to browse into "LocalW". Double-click on "LocalW" and another login pop-up appears. So now, I enter the right username/password that exist on my Samba server (both in Linux and smbpasswd). The result is that the access is denied, even with the good username/password...
The access to "Local" and "Public" are working fine. No "second" credentials are asked and the folder is browseable. I would like to remove the first user/password request (because "Local" and "Public" shared folders are used by guest user) as everyone could have a transparent access to these shared folders.
It work only if I enter a valid username/password in the first pop-up. It seems that the whole authentication is based on the first credentails I submit. The second login pop-up is quiet useless...
Questions
I know the solution: "security = share"
But since this feature has been removed in Samba4, how could we obtain the same behavior with "security = user" ?