[Samba] Problem with public shares
Stephan Gatzka
Stephan.Gatzka at inf.tu-dresden.de
Thu Nov 20 11:48:03 GMT 2003
Hello!
I'm running Samba 3.0.0 with Openldap 2.1.22.
Samba is my PDC and I'm using ldapsam as backend. Nearly everythings
works, but I have a public share [tmp] which should be accessible
without authentication from all clients even if they are no domain
members. I think, my share definition is o.k. in smb.conf but if I
click on the Samba server symbol on a client (Microsoft Windows XP), I
have to supply username/password. Please, can anyone give me a hint
what I#m doing wrong? Maybe I have a problem with user nobody?
Many thanks in advance,
Stephan
-----------------------------------------------
Output of testparm:
-----------------------------------------------
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[printers]"
Processing section "[tmp]"
Processing section "[print$]"
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
# Global parameters
[global]
dos charset = iso8859-1
unix charset = iso8859-1
workgroup = MIKRORECHNER
server string = Samba Server
passdb backend = ldapsam:ldap://localhost
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmhosts bcast
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap suffix = dc=mr,dc=inf,dc=tu-dresden,dc=de
ldap machine suffix = ou=computers,dc=mr,dc=inf,dc=tu-dresden,dc=de
ldap user suffix = ou=people,dc=mr,dc=inf,dc=tu-dresden,dc=de
ldap group suffix = ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
ldap idmap suffix = dc=mr,dc=inf,dc=tu-dresden,dc=de
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap admin dn = "cn=root,dc=mr,dc=inf,dc=tu-dresden,dc=de"
ldap ssl = no
admin users = administrator
printing = cups
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
share modes = No
[profiles]
path = /home/profiles
read only = No
create mask = 0644
guest ok = Yes
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root, administrator
guest ok = Yes
printable = Yes
browseable = No
[tmp]
comment = Temporary file space
path = /tmp
read only = No
guest ok = Yes
[print$]
comment = Printer Drivers
path = /etc/samba/drivers
write list = root
--------------------------------------------------------------------------------------
List of LDAP entries:
--------------------------------------------------------------------------------------
# MIKRORECHNER, mr.inf.tu-dresden.de
dn: sambaDomainName=MIKRORECHNER,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaDomain
sambaDomainName: MIKRORECHNER
sambaSID: S-1-5-21-3646860325-1815257157-3205558847
sambaAlgorithmicRidBase: 1000
# computers, mr.inf.tu-dresden.de
dn: ou=computers,dc=mr,dc=inf,dc=tu-dresden,dc=de
ou: computers
objectClass: top
objectClass: organizationalUnit
description: Windows Domain Computers
# people, mr.inf.tu-dresden.de
dn: ou=people,dc=mr,dc=inf,dc=tu-dresden,dc=de
ou: people
objectClass: organizationalUnit
description: Users of the Organization
# group, mr.inf.tu-dresden.de
dn: ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
ou: group
objectClass: organizationalUnit
description: System Groups
# Domain Users, group, mr.inf.tu-dresden.de
dn: cn=Domain Users,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
gidNumber: 201
cn: Domain Users
description: Windows Domain Users
displayName: Domain Users
sambaGroupType: 2
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-513
# Power Users, group, mr.inf.tu-dresden.de
dn: cn=Power Users,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
cn: Power Users
description: Members can share directories and printers
description: Windows Domain Members can share directories and printers
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-1447
sambaGroupType: 2
displayName: Power Users
gidNumber: 223
# Account Operators, group, mr.inf.tu-dresden.de
dn: cn=Account Operators,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
cn: Account Operators
gidNumber: 224
description: Windows Domain Users to manipulate users accounts
displayName: Account Operators
sambaSID: S-1-5-32-1449
sambaGroupType: 5
# Server Operators, group, mr.inf.tu-dresden.de
dn: cn=Server Operators,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
cn: Server Operators
gidNumber: 225
description: Windows Domain Server Operators
displayName: Server Operators
sambaSID: S-1-5-32-1541
sambaGroupType: 5
# Print Operators, group, mr.inf.tu-dresden.de
dn: cn=Print Operators,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
cn: Print Operators
gidNumber: 226
description: Windows Domain Print Operators
displayName: Print Operators
sambaSID: S-1-5-32-1453
sambaGroupType: 5
# Domain Admins, group, mr.inf.tu-dresden.de
dn: cn=Domain Admins,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
cn: Domain Admins
gidNumber: 200
memberUid: administrator
description: Windows Domain Admins
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-512
sambaGroupType: 2
displayName: Domain Admins
# nobody, group, mr.inf.tu-dresden.de
dn: cn=nobody,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: posixGroup
objectClass: top
objectClass: sambaGroupMapping
cn: nobody
userPassword:: e2NyeXB0fXg=
gidNumber: 99
memberUid: nobody
sambaSID: S-1-5-32-546
sambaGroupType: 2
displayName: nobody
description: Local Unix group
# Domain Guests, group, mr.inf.tu-dresden.de
dn: cn=Domain Guests,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 202
cn: Domain Guests
description: Windows Domain Guests Users
sambaGroupType: 2
displayName: Domain Guests
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-514
memberUid: nobody
# guests, group, mr.inf.tu-dresden.de
dn: cn=guests,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
description: Windows Domain Users granted guest access to the
computer/domain
displayName: Guests
gidNumber: 222
cn: guests
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-1445
sambaGroupType: 2
memberUid: nobody
# Backup Operators, group, mr.inf.tu-dresden.de
dn: cn=Backup Operators,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 227
cn: Backup Operators
description: Windows Domain Members can bypass file security to back up
files
displayName: Backup Operators
sambaSID: S-1-5-32-1455
sambaGroupType: 5
# replicator, group, mr.inf.tu-dresden.de
dn: cn=replicator,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
gidNumber: 228
cn: replicator
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-1457
sambaGroupType: 2
displayName: Replicator
# Enterprise Admins, group, mr.inf.tu-dresden.de
dn: cn=Enterprise Admins,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: Enterprise Admins
gidNumber: 203
sambaGroupType: 2
displayName: Enterprise Admins
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-519
# Administrators, group, mr.inf.tu-dresden.de
dn: cn=Administrators,ou=group,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: sambaGroupMapping
objectClass: posixGroup
objectClass: top
cn: Administrators
memberUid: administrator
description: Members can fully administer the computer/domain
gidNumber: 220
sambaGroupType: 5
displayName: Administrators
sambaSID: S-1-5-32-1441
# administrator, people, mr.inf.tu-dresden.de
dn: uid=administrator,ou=people,dc=mr,dc=inf,dc=tu-dresden,dc=de
sambaPwdCanChange: 1066804456
sambaPwdMustChange: 2147483647
sambaLMPassword: xxxxx
sambaNTPassword: xxxxx
sambaPwdLastSet: 1066804456
sambaAcctFlags: [U ]
sambaLogonScript: logon.bat
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: administrator
o: TU Dresden
ou: Professur Mikrorechner
l: Dresden
uid: administrator
uidNumber: 511
gidNumber: 0
homeDirectory: /home/administrator
loginShell: /bin/bash
userPassword:: xxxxx
shadowLastChange: 12286
shadowMax: 99999
shadowWarning: 7
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-500
sambaPrimaryGroupSID: S-1-5-21-3646860325-1815257157-3205558847-512
sambaDomainName: MIKRORECHNER
sambaHomeDrive: U:
sambaHomePath: \\piggy\homes
sambaProfilePath: \\piggy\profiles\administrator
# nobody, people, mr.inf.tu-dresden.de
dn: uid=nobody,ou=people,dc=mr,dc=inf,dc=tu-dresden,dc=de
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: nobody
o: TU Dresden
ou: Professur Mikrorechner
l: Dresden
uid: nobody
uidNumber: 99
gidNumber: 99
homeDirectory: /
loginShell: /dev/null
shadowLastChange: 12286
shadowMax: 99999
shadowWarning: 7
sambaSID: S-1-5-21-3646860325-1815257157-3205558847-501
sambaPrimaryGroupSID: S-1-5-21-3646860325-1815257157-3205558847-514
sambaDomainName: MIKRORECHNER
sambaAcctFlags: [U ]
sambaPwdCanChange: 1069324324
sambaPwdMustChange: 2147483647
sambaLMPassword: xxxxx
sambaNTPassword: xxxxx
sambaPwdLastSet: 1069324324
More information about the samba
mailing list