on LInux machine:
smbpasswd -a sambauserusername
mkdir /home/sambashare (or whatever path you want)
chown 770 sambashare
In your smb.conf:
comment = share drive for Windows user
path = /home/sambashare
valid users = sambausername
security = users
browseable = yes
writable = no
allow hosts = 192.168.1.2, 192.168.1.3, 192.168.4, etc...
(exit vi or your editor)
(restart your samba service)
Now onto the Windows machine:
net use z: \\ipaddressofsambamachine\sharename /user:sambauser
Now they have a Z: drive and can READ ONLY.
This account, sambauser, will not be able to log into the Linux system at all since is is passwordless, and by default Linux will not login people with passwordless Linux accounts.