[Samba] getting ERROR: failed to setup guest info. But I cannot setup a guest account due to security policies
steve
steve at steve-ss.com
Tue Nov 12 11:39:48 MST 2013
On Tue, 2013-11-12 at 13:27 -0500, Jon West wrote:
> Sure, its a single windows share that's hosted on a windows machine
> thats a part of an AD domain. This can be done by typing in the user
> ADusername and ADpassword as the username and password arguments in
> the mount commad (mount -t cifs blah blah blah -o username=username
> password=password blah blah blah) But due to security policy we can't
> have people typing out their passwords in plaintext on the screen and
> I can't have a password file to look up to store those passwords, plus
> it would be annoying to have to go and change the file every time a
> user changes their domain password. What I would like to happen is for
> the user to just be able to type "mount -t
> cifs //server/share /localdir" I can't have the domain passwords
> displayed in plain text or transmitted in plain text
>
OK. We'll automount it whenever the user goes to the share. No passwords
or usernames. All Kerberos.
AD hostname adserver
Share that needs mounting someplace (could be c:\users\jon\someplace)
Mount point on client /home/someplace
/etc/auto.master
/home /etc/auto.someplace
/etc/auto.someplace
someplace -fstype=cifs, sec=krb5,username=MACHINE
$,multiuser ://adserver/someplace
We'll need to know the cifs.upcall config in:
/etc/request-key.conf
Make sure autofs and cifs-utils are installed and that /home/someplace
does not exist.
fire up autofs and have a look at the output of mount
Now login as a domain user and go to /home/someplace
Any problems: tail -28 /var/log/messages
just after you attempt the mount.
HTH
Steve
>
>
> On Tue, Nov 12, 2013 at 1:17 PM, steve <steve at steve-ss.com> wrote:
> On Tue, 2013-11-12 at 18:06 +0000, Rowland Penny wrote:
> > On 12/11/13 18:04, steve wrote:
> > > On Tue, 2013-11-12 at 12:57 -0500, Jon West wrote:
> > >> You are correct, only want to authenticate with AD
> credentials, also
> > >> want to be able to mount a windows share (from the native
> windows
> > >> machine) on the linux machine without having to type in
> domain
> > >> credentials at each time of mount or have the passwords
> stored in
> > >> plaintext on the linux machine
> > >>
> > > **posts are crossing. I'll shut up until we sync.
> > > Steve
> > >
> > >
> > No, I'll shut up, you tell him about Autofs
> >
> > Rowland
> >
>
>
> LOL. Putting on autofs hat! Let's make a start. this could be
> a long
> one. . .
>
> Will need to know what needs mounting. @Jon can you give us a
> bit more
> detail of the stuff you need cifs-ing over to the Red Hat
> clients? Or
> maybe you'd be satisfied with a permanent fstab mount?
> Cheers,
> Steve
>
>
>
>
More information about the samba
mailing list