can't find service
Armand Welsh
armand at welshhome.org
Thu Jan 11 19:12:30 GMT 2001
*This message was transferred with a trial version of CommuniGate(tm) Pro*
shouldn't the map to guest = Bad Password, be changed to map to guest = Bad
User? Otherwise, any invalid login, even for known users will be considered
guests. this can really screw with you if you simply mistyped your
password....
set 'guest account = nobody' or other user with restricted access, so that
you can manage sercurity on the file system, OR use the 'force user =
username' option and 'force group = groupname' option to access the file
system as the specified user and group (this second option, I usually use,
to control user/group ownership in my public directories making public
directories truely public).
<smb.conf man page>
guest only (S)
If this parameter is ´yes´ for a service, then only
guest connections to the service are permitted.
This parameter will have no affect if "guest ok" or
"public" is not set for the service.
</smb.conf man page>
This tell me that, if you use 'public = yes' or 'guest ok = yes' (synonymous
commands) then non-authenticated users can access the share. Therefore, the
line 'guest only = yes' and the description from the man file, leaves me to
deduce that only guest users are valid. non-guest users are not allowed
access. This behavior is optional, as you don't need this paramater. It
would be equivalent to assigning an nt share as "Everyone <change>, domain
users <no access>"
----how I would adddress this----
# chmod 0777 /usr/local/samba/public_folder
edit /etc/smb.conf to look like this:
[global]
workgroup = MY_DOMAIN
security = domain
password server = *
server string = Samba SMB file server
map to guest = Bad User
encrypt passwords = yes
smb passwd file = /etc/smbpasswd
[public_folder]
path = /usr/local/samba/public_folder
guest ok = yes
force user = ftp
force group = ftp
writable = yes
browsable = yes
printable = no
create mask = 777
directory mask = 777
>
> # FYI: samba log /var/log/smblogs
> #
>
> debug level = 1
>
> # Global parameters
> [global]
> workgroup = *nameofNTdomain*
> security = domain
> password server = *nameofmypasswordserver*
> server string = FreeBSD Samba 2.0.5
> map to guest = Bad Password
>
> encrypt passwords = yes
> smb passwd file = /etc/smbpasswd
> log file = /var/log/smblogs
> log level = 2
> ; Max log size in KB
> max log size = 5000
> [public_folder]
> path = /usr/local/samba/public_folder
> public = yes
> only guest = yes
> writable = yes
> printable = no
> create mask = 777
> directory mask = 777
More information about the samba-ntdom
mailing list