[Samba] samba: offer public share to Windows 98 and writable share to Windows XP

Zhang Weiwu zhangweiwu at realss.com
Wed Apr 11 03:57:34 GMT 2007

Dear List. My requirement is to set up a samba share named "music"
     I. it's read-only accessible from both Windows 98 and Windows
        2000/XP not requiring password; 
    II. it's write-accessible from Windows XP protected by a password.

I thought in order to cope with Windows 98 I need to 
     I. use "security = share" (done), and set "guest ok = nobody" 
    II. make sure "nobody" have read-only access on the Linux server the
        directory to be shared (done) 
   III. test the server against Windows all versions to make sure public
        read-only access is okay and do not require a password (done);

Now my problem is: the windows XP user who should have write access to
the share, never actually got write access. Here is how it happens:

     I. A user "music" (same as the share name) exists on Linux samba
        server and have full write access to the directory being
    II. the Windows XP user, when accessing the share, is not prompted
        for password and got read-only access (expected); 
   III. now the XP user wish to write the share, she go to create a map
        from the share "\\server\music" to "Z:", in that dialog box she
        got the option to login as another user (fine); 
    IV. she choose to login as "music", password which is the password
        of Linux user "music", and click login; 
     V. login failed, she is asked for username again (surprise);

>From what I've read on the smb.conf manual, it says:

        Note  that  smbd  ALWAYS uses a valid UNIX user to act on behalf
        of the client, even in security = share level security.
        As clients are not required to send a username to the server in
        share level  security,  smbd  uses several techniques to
        determine the correct UNIX user to use on behalf of the client.
              * The name of the service the client requested is added as
                a potential username. 
        If  the  guest only parameter is not set, then this list is then
        tried with the supplied password. The first user for whom the
        password matches will be used as the UNIX user.

So, if I understood the manual correctly, the name of the service
"music" is a potential username, and the password sent from Windows XP
to Samba on Linux is tried with "music" and should gets validated as
Linux user "music". This should happen whatever username the Windows XP
user filled, because "music" will always be a potential username.

The question is now how do I let the Windows XP user write the share?
I'd very much appreciate a solution and somone point me out my
misunderstanding of the manual (if I did). Thanks a lot in advance!

Zhang Weiwu
Real Softservice
+86 592 2091112

More information about the samba mailing list