[Samba] Samba tuning - ldapsam:trusted
Adam Tauno Williams
adamtaunowilliams at gmail.com
Fri Aug 24 15:05:18 GMT 2007
On Fri, 2007-08-24 at 11:30 -0300, Guilherme Sperb Machado wrote:
> but this account called "pcnet" need to have any relation to LDAP
> server?
It needs to be a valid account.
> I mean... LDAP server processes must be running with pcnet
> account?!
No? Where did you get this idea? it is just a user context to map
anonymous connections to.
> If no, I do not set any kind of password?!
Nope,
> and guest account should be set to "guest account = pcnet" ?!?
Yep, or whatever account you use.
guest account = pcnet
Note this section from the smb.conf man page:
-------------------------------------------------
Note that the name of the resource being requested is not sent
to the server until after the server has successfully authenti‐
cated the client. This is why guest shares don't work in user
level security without allowing the server to automatically map
unknown users into the guest account. See the map to guest
parameter for details on doing this.
And the "map to guest" directive:
---------------------------------
Note that this parameter is needed to set up "Guest" share ser‐
vices when using security modes other than share. This is
because in these modes the name of the resource being requested
is not sent to the server until after the server has success‐
fully authenticated the client so the server cannot make authen‐
tication decisions at the correct time (connection to the share)
for "Guest" shares.
You probably want:
map to guest = Bad User
- if you are actually running guest access shares.
--
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org
More information about the samba
mailing list