[Samba] guest access in server security mode?

Dan Armbrust daniel.armbrust.list at gmail.com
Fri Aug 4 19:37:00 GMT 2006

I have a samba server that is configured in "server" mode.

However, I want to share one folder to everyone - whether or not they 
have a real account on my system, or on the server that I am 
authenticating against.

The [global] section of my config file has things like this:

        log file = /var/log/samba/%m.log
        load printers = no
        guest account = lexbig
        idmap gid = 16777216-33554431
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        map to guest = Bad Uid
        null passwords = yes
        encrypt passwords = yes
        winbind use default domain = no
        template shell = /bin/false
        dns proxy = no
        cups options = raw
        netbios name = servername
        server string =server description
        idmap uid = 16777216-33554431
        password server = server name
        workgroup = workgroup name
        os level = 20
        printcap name = /etc/printcap
        security = server
        preferred master = no
        local master = no
        domain master = no
        max log size = 50

The public share that I want to create looks like this:

        guest ok = yes
        force user = lexbig
        browseable = yes
        writeable = yes
        only guest = yes
        public = yes
        path = /home/lexbig/demo
        force group = lexbig

But it continues to insist on authenticating against the domain server. 
  If I connect with a valid user name and password, everything works as 
I expect - I connect to the public share as the user 'lexbig'.  But - if 
I connect with an invalid user name and password (according to the 
domain server) - I get this in the log file:

[2006/08/04 09:47:21, 1] auth/auth_server.c:check_smbserver_security(363)
  password server the-server rejected the password

And it rejects me.
I have tried all of the values for 'map to guest' - Bad Uid, Bad 
Password, and Bad User - but they all have the same exact behavior.

Is there a way to do what I'm trying to do?  This seems like such a 
simple thing - but I can't get it to work.

I was originally using 3.0.10 or so - whatever came with fedora core 3, 
but now I built the current from source - and it has the same behavior.



Daniel Armbrust
Biomedical Informatics
Mayo Clinic Rochester

More information about the samba mailing list