[Samba] Guest account access with User mode security?

[Tim Bates]

I'm getting that same problem since upgrading my Debian server from 
Sarge to Etch. I've got the "map to guest = bad user" thing in my 
config, but it's like it doesn't work now.
In the end, since 99.9% of the access I needed was as guest anyway, I 
switched those shares over to share security. Of course that breaks 
having the ability to have separate RO/RW access for different people.

Unfortunately no one on the list could help with the actual problem, and 
I haven't had much time to really try and fix it.
I hope you can get a solution, because I really want to know too  :-)

TB

Mansell, Gary wrote:
> Hi,
>
> I have a Samba server that I have just transitioned from Samba v2 to v3
> and at the same time I have changed from share mode security to user
> mode security.
>
> I having problems allowing guest access to some of my shares on the
> server. I have some shares (such as apps and cdrom etc) that I would
> like to allow anyone to access - even if they do not have an login
> account on the Samba server. This worked fine in share mode security but
> does not seem to work in user mode security.
>
> If a user (who does not have a login account on the Samba server) tries
> to map a guest share, the user gets presented with a login dialog asking
> for a password for the Guest account - how can I just allow access
> without the user being asked for a password?
>
> Here is my smb.conf including a guest only share for the cdrom.
>
> Any help gratefully received
>
> Regards
>
> Gary
>
>
> [global]
>
> workgroup = DFGSRV
> server string = dfgsrv Samba Server %v
> printcap name = /etc/printcap
> load printers = yes
> printing = cups
> cups options = raw
> log file = /var/log/samba/%m.log
> max log size = 200
> security = user
> password level = 8
> username level = 8
> socket options = SO_KEEPALIVE SO_BROADCAST TCP_NODELAY IPTOS_THROUGHPUT
> dns proxy = no 
> log level = 9
> deadtime = 30
> oplocks = false
> level2 oplocks = false
> encrypt passwords = no
> idmap uid = 16777216-33554431
> idmap gid = 16777216-33554431
> template shell = /bin/false
> winbind use default domain = no
> map to guest = Bad User
>
>
> [homes]
>    comment = Home Directories
>    browseable = yes
>    writable = yes
>    create mode = 0664
>    directory mode = 0775
>
> [cdrom]
>         path = /media/cdrom
>         writeable = no
>         browseable = yes
>         guest ok = yes
>         comment = dfgsrv CDROM Drive
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system.Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient).Only Directors are authorised to enter into legally binding obligations on behalf of Ricardo. Ricardo may monitor outgoing and incoming e-mails and other telecommunications systems.
> By replying to this e-mail you give consent to such monitoring.The recipient should check e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. "Ricardo" means Ricardo plc and its subsidiary companies.
> Ricardo plc is a public limited company registered in England with registered number 00222915.
> The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
>