[Samba] Samba on Debian: Sarge -> Etch = broken guest shares

Tim Bates tin at new-life.org.au
Fri May 11 05:10:53 GMT 2007 

I upgraded a server from Debian Sarge to Etch the other day. Today I 
discovered a fairly major issue... All the shares I had set up for guest 
access have stopped working. The shares are meant to be writable by me 
and a few others, and read only for guest, but it's flat out refusing to 
authenticate anyone using guest (or unknown users which should be 
mapping to guest).
SMB.conf is below (with a pile of unrelated shares stripped out for space).

[global]
   workgroup = wwhs
   server string = WWHS Main Data Server
   dns proxy = no
   map to guest = Bad User
   guest account = nobody
   log file = /var/log/samba/log.%m
   log level = 2
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   security = user
   encrypt passwords = true
   passdb backend = ldapsam:ldap://127.0.0.1/
   ldap suffix = dc=wwhs
   ldap machine suffix = ou=machines
   ldap user suffix = ou=users
   ldap group suffix = ou=groups
   ldap admin dn = "cn=admin,dc=wwhs"
   ldap delete dn = no
   obey pam restrictions = yes
   ldap password sync = yes
   pam password change = yes
   add machine script = /usr/sbin/smbldap-useradd -w "%u"
   printing = cups
   printcap name = cups
   socket options = TCP_NODELAY
   domain master = yes
   prefered master = yes
   domain logons = yes
   logon path = \\%L\Profiles\%U
   logon script = %G.bat
# The next line includes homes based on groups. Some groups need 
different options.
include = /etc/samba/homes-%G.conf
[netlogon]
   comment = Network Logon Service
   path = /samba/netlogon
   writable = yes
   share modes = no
   write list = @it-admin, root
   guest ok = no
[printers]
   comment = All Printers
   browseable = no
   path = /tmp
   printable = yes
   public = yes
   writable = no
   create mode = 0700
   guest ok = no
[print$]
   comment = Printer Drivers
   path = /samba/print$
   browseable = yes
   guest ok = no
   writable = yes
   write list = root, @it-admin
[profiles]
   comment = Account Profile Data
   path = /samba/profiles
   browsable = no
   read only = no
   guest ok = no
   create mode = 0750
   hide files = 
/desktop.ini/ntuser.ini/NTUSER.*/nethood/target.lnk/prf???.tmp/prf??.tmp/
[unattended]
    comment = Files for scripted Windows reinstalls
    path = /samba/unattended
    browsable = no
    writeable = yes
    write list = @it-admin
    create mode = 0664
    directory mode = 0775
    force group = it-admin
    valid users = @it-admin, guest, nobody
    guest ok = yes
[wpkg]
    comment = WPKG files
    path = /samba/wpkg
    browsable = no
    writeable = yes
    write list = @it-admin
    create mode = 0664
    directory mode = 0775
    force group = it-admin
    valid users = @it-admin, nobody
    guest ok = yes


**********************************************************************
This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.
**********************************************************************

More information about the samba mailing list