[Samba] getting ERROR: failed to setup guest info. But I cannot setup a guest account due to security policies

steve steve at steve-ss.com
Tue Nov 12 11:39:48 MST 2013

On Tue, 2013-11-12 at 13:27 -0500, Jon West wrote:
> Sure, its a single windows share that's hosted on a windows machine
> thats a part of an AD domain. This can be done by typing in the user
> ADusername and ADpassword as the username and password arguments in
> the mount commad (mount -t cifs blah blah blah -o username=username
> password=password blah blah blah) But due to security policy we can't
> have people typing out their passwords in plaintext on the screen and
> I can't have a password file to look up to store those passwords, plus
> it would be annoying to have to go and change the file every time a
> user changes their domain password. What I would like to happen is for
> the user to just be able to type "mount -t
> cifs //server/share /localdir" I can't have the domain passwords
> displayed in plain text or transmitted in plain text

OK. We'll automount it whenever the user goes to the share. No passwords
or usernames. All Kerberos.

AD hostname adserver
Share that needs mounting someplace (could be c:\users\jon\someplace)
Mount point on client /home/someplace

/home /etc/auto.someplace

someplace -fstype=cifs, sec=krb5,username=MACHINE
$,multiuser ://adserver/someplace

We'll need to know the cifs.upcall config in:

Make sure autofs and cifs-utils are installed and that /home/someplace
does not exist.
fire up autofs and have a look at the output of mount

Now login as a domain user and go to /home/someplace

Any problems: tail -28 /var/log/messages
just after you attempt the mount.


> On Tue, Nov 12, 2013 at 1:17 PM, steve <steve at steve-ss.com> wrote:
>         On Tue, 2013-11-12 at 18:06 +0000, Rowland Penny wrote:
>         > On 12/11/13 18:04, steve wrote:
>         > > On Tue, 2013-11-12 at 12:57 -0500, Jon West wrote:
>         > >> You are correct, only want to authenticate  with AD
>         credentials, also
>         > >> want to be able to mount a windows share (from the native
>         windows
>         > >> machine) on the linux machine without having to type in
>         domain
>         > >> credentials at each time of mount or have the passwords
>         stored in
>         > >> plaintext on the linux machine
>         > >>
>         > > **posts are crossing. I'll shut up until we sync.
>         > > Steve
>         > >
>         > >
>         > No, I'll shut up, you tell him about Autofs
>         >
>         > Rowland
>         >
>         LOL. Putting on autofs hat! Let's make a start. this could be
>         a long
>         one. . .
>         Will need to know what needs mounting. @Jon can you give us a
>         bit more
>         detail of the stuff you need cifs-ing over to the Red Hat
>         clients? Or
>         maybe you'd be satisfied with a permanent fstab mount?
>         Cheers,
>         Steve

More information about the samba mailing list