R: [Samba] enabling "null session" on a share
Alessandro Tinivelli
alessandro.tinivelli at monrif.net
Fri Jun 26 08:52:29 GMT 2009
Bad news... i have been able to set up an anonymous share and any
windows client (inside and outside the domain) can connect without been
asked for any password.
But on a machine (win2003,present in hosts allow) runs a service
(running as local system account) which is not able to connect to the
share. In samba log i see the following error
"make_connection: connection to onanon denied due to security
descriptor."
is it possible to solve my issue? Or, maybe, i can try to make the
service run as another user? (i don't know if this is good for the
application using this process).
below my current samba.conf
-------------------------------------------------------------
[global]
workgroup = POL
realm = POL.DOM
server string = NAS03 (Samba %v)
security = ADS
map to guest = Bad Password
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind cache time = 10
winbind use default domain = Yes
winbind nss info = rfc2307
[onanon]
comment = Condivisione anonima
path = /storage/samba/GCP/on
force group = gcp
read only = No
hosts allow = 10.101.37.23, 10.101.37.22, 10.101.37.24
guest ok = Yes
browseable = No
---------------------------------------------------------------
ith the security risks involved with null sessions.
More information about the samba
mailing list