[Samba] Samba 3 "public" Access
Andrew Bartlett
abartlet at samba.org
Thu Mar 4 23:09:25 GMT 2004
On Fri, 2004-03-05 at 09:47, Jason McCormick wrote:
> What are the ramifications of changing security = share from sercurity =
> ads ? I was using security = domain before. Looking at the docs/manpages
> I'm unclear how other shares will be affected (for the sections that match
> UNIX == Windows for IT staff). From reading the manpage, it sounds like
> if guest ok = yes then it skips checking, but does it fall back to ADS if
> there's no guest ok directive?
Ok, what has happened here is that in Samba 2.2, if a user logged in
with valid domain credentials, and did not have an account on the
system, they were mapped to a 'guest' account. This is not possible in
3.0 (and I think it was a bad idea in the first place).
So, the alternative for you is to create a new server (or more to the
point, a virtual server configuration) that is in 'security=share' (so
the remote clients never attempt a user/password login) and has 'guest
ok' (or even beter 'guest only') set, so that all connections are
treated as guest, with no questions asked.
include = smb.conf.%L is your freind - but watch out, for this to work
you must set 'smb ports = 139' or we might not get our 'called name' on
which we base that.
Andrew Bartlett
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040305/b1e83736/attachment.bin
More information about the samba
mailing list