Samba: Guest account unexaplained behavior
Hi all,
I'm seeing something strange here on my Samba installation. Not that it's something critical, not at all, just out of curiousity. I'm sharing a simple folder with Samba in a workgroup (no domain). When I try to browse the shared resources of my Samba server (using \\smbserver_ip), I get asked to enter user credentials, which is rather strange as I'm not yet accessing a restricted resource. Thus I thought, maybe I need to addd "guest ok = yes" to the global settings. The man page says the following about "guest ok": Code:
If this parameter is yes for a service, then no password is required to connect to the service. Privileges will be those of the guest account. Ok..maybe I need something more..what about "map to guest": Code:
This parameter can take four different values, which tell smbd(8) what to do with user login requests that don't match a valid UNIX user in some way. So I thought, lets set map to guest to bad user. Restarted Samba and tried again and gues what...IT WORKED! I was able to browse the shares without having to enter a username/password. Well, ok, so it seems that eventually the user gets mapped to guest when the used username does not exist. So in my case the used username was Administrator (as I suppose it uses the sessions username). This seems rather reasonable as I don't have the administrator's user account, not in Linux nor in Samba. So I thought...let's fix the root of the problem...let's map the Administrator's username to the root's username (which does exist both in Linux and in Samba), and the problem should be fixed. I created a file /etc/samba/smbusers with the following content: Code:
root = administrator Code:
username map = /etc/samba/smbusers So it seems "map to guest" does not work together with "username map" in my case. If somebody could shed a light on this, I would really appreciate. I'm eager to understand what is happening Edit: I tried something more as I realized my Windows Administrator's account did not have a password, and my root account (to which is it supposedly being mapped) does. So I changed my root pass to be empty and tried again, and this time it works. (I'm not being asked to enter credentials to list the available shares) The combination is as follows: Code:
map to guest = bad user Then I thought I could actually change map to user back to it's default: never. I requote from the man page: Code:
Never - Means user login requests with an invalid password are rejected. This is the default. Restarted, tried and...failed again! I get asked to enter username and password. The whole thing is that I want to be able to see which resources are actually shared, and it seems there is no logical combination, or I'm at least not seeing it. Sigh.. |
Share without password in Samba
The following is the first part of my SMB.conf file
# Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2008/07/13 20:22:18 [global] workgroup = THUIS server string = Samba security = SHARE encrypt passwords = No printcap name = cups preferred master = Yes [FTPDATA] path = /windows guest ok = Yes [data] comment = Gedeelde gegevens path = /windows read only = No guest ok = Yes By setting security = SHARE in the global section, my shares FTPDATA and data can be accessed over the network without that a username and/or password is needed. I never combined this with protected shares, but as I understand from documentation, if you leave out guest ok = Yes for a share, then the share can only be accessed by a password (without username) Googling for "Security = share samba" will give you some other articles success |
All times are GMT -5. The time now is 05:18 PM. |