[Samba] authentication problem with WinXP clients

Jouda Hrouda mlszs at seznam.cz
Thu Oct 6 14:01:11 GMT 2005 

Hello,

we have problem with user authentication when accessing shared folders at 
standalone Samba server (security=share) from Windows XP. 

There is no problem accessing public folders ("guest ok=yes" and "guest 
only=yes"). But when trying to access non-public folders ("guest ok=no" 
with valid users definition), username / password dialog appears, but username 
is always "servername/Guest" and is greyed out, so it can not be changed. 
Windows 2000 client is OK - user can enter whatever username in username field.

I know the difference between "share" and "user" security modes, which might 
cause the unchangeable username. But it works in Win2000 ... and based on their 
specs none of them suits IMHO our objective: 
- to have public folders and folders with limited access on one server 
- don't annoy users with authentication when they want to access public folders at all.
(username/password authentication should proceed only when clicking on non-public folder).

Is this possible ? Like allow clients to send username in share mode or don't 
require login to server in user mode first ? Or any other way ?

Thanks.

Charon

Just in case ... Samba version 3.0.20 and smb.conf:

------------------------------------------
[global]
server string = XXXXXX
netbios name = XXXXX
workgroup = XXXXXX
domain master = yes
local master = yes
preferred master = yes
os level = 127
wins support = yes

interfaces = eth0 lo
bind interfaces only = yes
hosts allow = 192.168.1. 127.
security = share
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
guest account = share

load printers = yes
printing = lprng
printcap name = /etc/printcap
max print jobs = 200
lpq cache time = 20
printer admin = user

syslog only = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
kernel oplocks = no

[printers]
comment = All printers
path = /var/spool/print/samba
guest ok = yes
writeable = no
browsable = no
printable = yes
print command = /usr/bin/lpr -U%U@%M -r -P%p %s
lpq command = /usr/bin/lpq -U%U@%M -P%p
lprm command = /usr/bin/lprm -U%U@%M -P%p %j
lppause command = /usr/bin/lpc -U%U@%M hold %p %j
lpresume command = /usr/bin/lpc -U%U@%M release %p %j
queuepause command = /usr/bin/lpc -U%U@%M stop %p
queueresume command = /usr/bin/lpc -U%U@%M start %p

#
# Default folders
#

# internet presentation
[Internet]
path = /var/share/internet
guest ok = no
writable = yes
printable = no
valid users = +admins
create mode = 0664
directory mode = 0775
vfs objects = netatalk

# intranet presentation
[Intranet]
path = /var/share/intranet
guest ok = no
writable = yes
printable = no
valid users = +share
create mode = 0664
directory mode = 0775
vfs objects = netatalk

# users shared data
[Z]
path = /var/share/public
guest ok = yes
guest only = yes
writable = yes
printable = no
vfs objects = netatalk

--------------------------------------------------

More information about the samba mailing list