[Samba] "map to guest = bad user" ignored in Samba 4?
Sebastian Arcus
shop at open-t.co.uk
Fri Feb 15 09:35:53 MST 2013
Hi Ricky,
Thanks for the reply. I have tried changing the permissions on the
netlogon share and the strange thing is that none of the changes I do in
the Security/ACL tab from the Windows XP machine which is joined to the
domain (but on the netlogon share which is on the server) actually
stick. I can access the shares fine with that machine, but if I change
the permissions, it seems to just ignore the changes - no error message.
I am logged in as the domain Administrator - so it seems like a bit of a
mystery. Then again - maybe I've done something silly when I've setup
this Samba AD DC - although I've followed all the instructions on the
Samba wiki and everything else seems to be working fine.
Sebastian
On 14/02/13 05:31, Ricky Nance wrote:
> Hi Sebastian,
> Many of the per share options can now be done using ACL's. In this case
> you would open the netlogon share (via windows) start -> run ->
> \\MY-SERVER\netlogon (then press enter), then right click on a blank
> spot in that folder (not on any other file or folder) and select
> properties. Find the security tab and you can make the modifications you
> want (specifically adding Everyone with full permissions should give you
> what you are looking for, though I have not been able to test this yet).
> If I get a chance soon I will do some testing to make sure that the acl
> change is all that is needed.
>
> To find out what options are available, samba-tool testparm -v will give
> you a nice list (at least for global).
>
> Ricky
>
>
> On Wed, Feb 13, 2013 at 4:33 AM, Sebastian Arcus <shop at open-t.co.uk
> <mailto:shop at open-t.co.uk>> wrote:
>
> I would like to migrate some of my Samba 3.x domains to Samba 4.
> Part of the functionality of the current system is allowing some
> Windows XP Pro computers, which are not joined to the domain, access
> to some public shares on the Samba server. I tried using "map to
> guest = bad user" with Samba 4 - but it appears to be completely
> ignored and the Windows XP machine keeps on prompting for
> username/password when trying to access the server share. Has this
> option been dropped in Samba 4? Is there another way to accomplish
> the same?
>
> Otherwise my Samba 4 domain seems to be working fine - and the
> Windows XP Pro machines which are joined to it can access the share
> fine.
>
> As a side note, I find it hard to figure out which smb.conf options
> are still available for Samba 4 and which are not. I've googled
> around and can't seem to find a wiki page or authoritative page.
>
> I use Samba 4.1.0pre1
>
> Here is my smb.conf
>
>
> [global]
> workgroup = MYDOMAIN
> realm = mydomain.local
> netbios name = MY-SERVER
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
> map to guest = bad user
>
> [netlogon]
> path = /var/lib/samba/sysvol/__mydomain.local/scripts
> read only = No
> public = Yes
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/__mailman/options/samba
> <https://lists.samba.org/mailman/options/samba>
>
>
>
>
> --
>
--
Linux vehicle CCTV - www.open-t.co.uk/iroko
More information about the samba
mailing list