[Samba] \"map to guest = bad user\" ignored in Samba 4?

Andrew Bartlett abartlet at samba.org
Fri May 10 22:22:06 MDT 2013

On Sat, 2013-05-11 at 01:25 +0200, Samuel Cabrero wrote:
> Hi Andrew,
> I have written a small patch for this issue. I would appreciate if someone 
> could take a look at and comment. I have tested it on XP machines and seems to 
> work properly.

This certainly appears to match what I understand to be the Windows
behaviour.  However, we need tests, in particular I need to know if this
behaviour happens over LDAP, and if so, the test specifically needs to
inspect the tokenGroups attribute in the rootDSE, to ensure we match
Windows, specifically with regards to the 'authenticated user' entry in
the token.

I know this is a pain, but we do need to get this right, as marking a
guest user as 'authenticated' would be a very bad idea.

Finally, if you can prepare the patches with git format-patch, it will
make it easier for me to apply them, once we verify these things.

The test to extend is torture/unix/whoami.c invoked from


Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list