R: [Samba] enabling "null session" on a share

Alessandro Tinivelli alessandro.tinivelli at monrif.net
Fri Jun 26 08:52:29 GMT 2009

Bad news... i have been able to set up an anonymous share and any
windows client (inside and outside the domain) can connect without been
asked for any password.


But on a machine (win2003,present in hosts allow) runs a service
(running as local system account) which is not able to connect to the
share. In samba log i see the following error


"make_connection: connection to onanon denied due to security


is it possible to solve my issue? Or, maybe, i can try to make the
service run as another user? (i don't know if this is good for the
application using this process).


below my current samba.conf




        workgroup = POL

        realm = POL.DOM

        server string = NAS03 (Samba %v)

        security = ADS

        map to guest = Bad Password

        log file = /var/log/samba/%m.log

        max log size = 50

        socket options = TCP_NODELAY IPTOS_LOWDELAY

        idmap uid = 10000-20000

        idmap gid = 10000-20000

        winbind cache time = 10

        winbind use default domain = Yes

        winbind nss info = rfc2307



        comment = Condivisione  anonima

        path = /storage/samba/GCP/on

        force group = gcp

        read only = No

        hosts allow =,,

        guest ok = Yes

        browseable = No



ith the security risks involved with null sessions. 

More information about the samba mailing list