[Samba] WinXP client always connects as Gaia\Guest
Dege, Robert C.
robert.dege at ngc.com
Wed Dec 15 18:31:31 GMT 2004
I've have this problem with my setup at home. It has something to do with WinXP Professional, and a 'new' feature called forceguest. It's supposed to be a security feature implemented in XP.
Googling for 'forceguest' && XP should lead you to a few pages that help to disable this forceguest feature, or circumvent it.
-Rob
> -----Original Message-----
> From: samba-bounces+robert.dege=ngc.com at lists.samba.org
> [mailto:samba-bounces+robert.dege=ngc.com at lists.samba.org]
> Sent: Wednesday, December 15, 2004 11:05 AM
> To: Woellert, Kirk D.
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] WinXP client always connects as Gaia\Guest
>
>
> Woellert, Kirk D. wrote:
>
> >Mounting by IP does not make a difference. Somehow WinXP or
> Samba always tries to set up the connection as Guest. Even if
> one specifies a specific user.
> >
> >
>
> I colored some smb.conf lines red. Check those. It seems
> you have like
> every option in smb.conf...why? Check man smb.conf...if you're using
> default values already, why put them in smb.conf?
>
> >-----Original Message-----
> >From: Thomas M. Skeren III [mailto:tms3 at fskklaw.com]
> >Sent: Tuesday, December 14, 2004 7:39 PM
> >To: Woellert, Kirk D.
> >Cc: samba at lists.samba.org
> >Subject: Re: [Samba] WinXP client always connects as Gaia\Guest
> >
> >
> >Woellert, Kirk D. wrote:
> >
> >
> >
> >>All attempts to connect to our Samba server, share "\data"
> from any Windows client fails. I'm trying to get samba to
> prompt the windows user with a login box, have them enter the
> samba username/password, then head onto the share.
> >>
> >>If I use in the address field the following:
> >>
> >>\\gaia\data /user:woellki
> >>
> >>
> >>
> >>
> >Try mounting the share by IP address----\\ipaddy\data
> >
> >
> >
> >>a dialog box appears, with the username field greyed out
> "Gaia\Guest" is shown, with blank password field. I hit
> cancel and WinXP returns the following message:
> >>
> >>Windows cannot find "\\gaia\data /user:woellki". Check the
> spelling and try again, or try searching for the item by
> clicking the Start button and then clicking Search.
> >>
> >>A valid samba user account exists, which happens to match
> the linux account. Windows clients are members of the
> following corporate domain: northgrum.
> >>
> >>Samba 3.0.9
> >>RH9 Final (20-31.9)
> >>
> >># Samba config file created using SWAT
> >># from 137.51.14.53 (137.51.14.53)
> >># Date: 2004/12/14 17:25:11
> >>
> >># Global parameters
> >>[global]
> >> dos charset = CP850
> >> unix charset = UTF-8
> >> display charset = LOCALE
> >> workgroup = LUI_DCO
> >> realm =
> >> netbios name = GAIA
> >> netbios aliases =
> >> netbios scope =
> >> server string = gaia irad server
> >> interfaces =
> >> bind interfaces only = No
> >> security = USER
> >> auth methods =
> >> encrypt passwords = Yes
> >> update encrypted = No
> >> client schannel = Auto
> >> server schannel = Auto
> >> allow trusted domains = Yes
> >> hosts equiv =
> >> min password length = 5
> >> map to guest = Never
> >> null passwords = No
> >> obey pam restrictions = No
> >> password server = *
> >> smb passwd file = /etc/samba/smbpasswd
> >> private dir = /etc/samba
> >> passdb backend = smbpasswd
> >> algorithmic rid base = 1000
> >> root directory =
> >> guest account = nobody
> >> pam password change = No
> >> passwd program =
> >> passwd chat = *new*password* %n\n *new*password* %n\n *changed*
> >> passwd chat debug = No
> >> passwd chat timeout = 2
> >> check password script =
> >> username map = /etc/samba/smbusers
> >> password level = 0
> >> username level = 0
> >> unix password sync = No
> >> restrict anonymous = 0
> >> lanman auth = Yes
> >> ntlm auth = Yes
> >> client NTLMv2 auth = No <-why no?
> >> client lanman auth = Yes
> >> client plaintext auth = Yes should be no
> >> preload modules =
> >> use kerberos keytab = No
> >> log level = 0
> >> syslog = 1
> >> syslog only = No
> >> log file = /var/log/samba/%m.log
> >> max log size = 5000
> >> debug timestamp = Yes
> >> debug hires timestamp = No
> >> debug pid = No
> >> debug uid = No
> >> smb ports = 445 139
> >> large readwrite = Yes
> >> max protocol = NT1
> >> min protocol = CORE
> >> read bmpx = No
> >> read raw = Yes
> >> write raw = Yes
> >> disable netbios = No
> >> acl compatibility =
> >> defer sharing violations = Yes
> >> nt pipe support = Yes
> >> nt status support = Yes
> >> announce version = 4.9
> >> announce as = NT
> >> max mux = 50
> >> max xmit = 16644
> >> name resolve order = lmhosts wins host bcast
> >> max ttl = 259200
> >> max wins ttl = 518400
> >> min wins ttl = 21600
> >> time server = No
> >> unix extensions = Yes
> >> use spnego = Yes
> >> client signing = auto
> >> server signing = No <- why not agree with client
> >> client use spnego = Yes
> >> change notify timeout = 60
> >> deadtime = 0
> >> getwd cache = Yes
> >> keepalive = 300
> >> kernel change notify = Yes
> >> lpq cache time = 10
> >> max smbd processes = 0
> >> paranoid server security = Yes
> >> max disk size = 0
> >> max open files = 10000
> >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> >> use mmap = Yes
> >> hostname lookups = No
> >> name cache timeout = 660
> >> load printers = Yes
> >> printcap cache time = 0
> >> printcap name = cups
> >> cups server =
> >> disable spoolss = No
> >> enumports command =
> >> addprinter command =
> >> deleteprinter command =
> >> show add printer wizard = Yes
> >> os2 driver map =
> >> mangling method = hash2
> >> mangle prefix = 1
> >> stat cache = Yes
> >> machine password timeout = 604800
> >> add user script =
> >> delete user script =
> >> add group script =
> >> delete group script =
> >> add user to group script =
> >> delete user from group script =
> >> set primary group script =
> >> add machine script =
> >> shutdown script =
> >> abort shutdown script =
> >> logon script =
> >> logon path = \\%N\%U\profile
> >> logon drive =
> >> logon home = \\%N\%U
> >> domain logons = No
> >> os level = 20
> >> lm announce = Auto
> >> lm interval = 60
> >> preferred master = No
> >> local master = No
> >> domain master = No
> >> browse list = Yes
> >> enhanced browsing = Yes
> >> dns proxy = Yes
> >> wins proxy = No
> >> wins server =
> >> wins support = Yes
> >> wins hook =
> >> wins partners =
> >> kernel oplocks = Yes
> >> lock spin count = 3
> >> lock spin time = 10
> >> oplock break wait time = 0
> >> ldap admin dn =
> >> ldap delete dn = No
> >> ldap filter = (uid=%u)
> >> ldap group suffix =
> >> ldap idmap suffix =
> >> ldap machine suffix =
> >> ldap passwd sync = no
> >> ldap replication sleep = 1000
> >> ldap suffix =
> >> ldap ssl = no
> >> ldap timeout = 15
> >> ldap user suffix =
> >> add share command =
> >> change share command =
> >> delete share command =
> >> config file =
> >> preload =
> >> lock directory = /var/lib/samba
> >> pid directory = /var/run
> >> utmp directory =
> >> wtmp directory =
> >> utmp = No
> >> default service =
> >> message command =
> >> dfree command =
> >> get quota command =
> >> set quota command =
> >> remote announce =
> >> remote browse sync =
> >> socket address = 0.0.0.0
> >> homedir map =
> >> afs username map =
> >> time offset = 0
> >> NIS homedir = No
> >> panic action =
> >> host msdfs = No
> >> enable rid algorithm = Yes
> >> idmap backend =
> >> idmap uid =
> >> idmap gid =
> >> template primary group = nobody
> >> template homedir = /home/%D/%U
> >> template shell = /bin/false
> >> winbind separator = \
> >> winbind cache time = 300
> >> winbind enable local accounts = No
> >> winbind enum users = Yes
> >> winbind enum groups = Yes
> >> winbind use default domain = No
> >> winbind trusted domains only = No
> >> winbind nested groups = No
> >> comment =
> >> path =
> >> username =
> >> invalid users =
> >> valid users =
> >> admin users =
> >> read list =
> >> write list =
> >> printer admin =
> >> force user =
> >> force group =
> >> read only = Yes
> >> create mask = 0744
> >> force create mode = 00
> >> security mask = 0777
> >> force security mode = 00
> >> directory mask = 0755
> >> force directory mode = 00
> >> directory security mask = 0777
> >> force directory security mode = 00
> >> force unknown acl user = No
> >> inherit permissions = No
> >> inherit acls = No
> >> guest only = No
> >> guest ok = No
> >> only user = No
> >> hosts allow = 137.51.14.
> >> hosts deny =
> >> ea support = No
> >> nt acl support = Yes
> >> profile acls = No
> >> map acl inherit = No
> >> afs share = No
> >> block size = 1024
> >> max connections = 0
> >> min print space = 0
> >> strict allocate = No
> >> strict sync = No
> >> sync always = No
> >> use sendfile = No
> >> write cache size = 0
> >> max reported print jobs = 0
> >> max print jobs = 1000
> >> printable = No
> >> printing = cups
> >> cups options =
> >> print command =
> >> lpq command =
> >> lprm command =
> >> lppause command =
> >> lpresume command =
> >> queuepause command =
> >> queueresume command =
> >> printer name =
> >> use client driver = No
> >> default devmode = No
> >> force printername = No
> >> default case = lower
> >> case sensitive = Auto
> >> preserve case = Yes
> >> short preserve case = Yes
> >> mangling char = ~
> >> hide dot files = Yes
> >> hide special files = No
> >> hide unreadable = No
> >> hide unwriteable files = No
> >> delete veto files = No
> >> veto files =
> >> hide files =
> >> veto oplock files =
> >> map system = No
> >> map hidden = No
> >> map archive = Yes
> >> mangled names = Yes
> >> mangled map =
> >> store dos attributes = No
> >> browseable = Yes
> >> blocking locks = Yes
> >> csc policy = manual
> >> fake oplocks = No
> >> locking = Yes
> >> oplocks = Yes
> >> level2 oplocks = Yes
> >> oplock contention limit = 2
> >> posix locking = Yes
> >> strict locking = Yes
> >> share modes = Yes
> >> copy =
> >> include =
> >> preexec =
> >> preexec close = No
> >> postexec =
> >> root preexec =
> >> root preexec close = No
> >> root postexec =
> >> available = Yes
> >> volume =
> >> fstype = NTFS
> >> set directory = No
> >> wide links = Yes
> >> follow symlinks = Yes
> >> dont descend =
> >> magic script =
> >> magic output =
> >> delete readonly = No
> >> dos filemode = No
> >> dos filetimes = No
> >> dos filetime resolution = No
> >> fake directory create times = No
> >> vfs objects =
> >> msdfs root = No
> >> msdfs proxy =
> >>
> >>[public]
> >> comment = temp on gaia
> >> path = /tmp
> >> read only = No
> >> guest ok = Yes
> >>
> >>[data]
> >> comment = Data Drive
> >> path = /data
> >> read only = No
> >> inherit permissions = Yes
> >> only user = Yes
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list