[Samba] getting ERROR: failed to setup guest info. But I cannot setup a guest account due to security policies
Jon West
westjon at gmail.com
Tue Nov 12 11:52:47 MST 2013
ok I've got my hw, I'll give it a try and check back with any questions
tomorrow. In the mean time, Im actually curious about what I would need to
do (or anyone for that matter) to solve the guest user problem. What if you
can't have a guest user on the system so you have nothing to set that to in
smb.conf
On Tue, Nov 12, 2013 at 1:39 PM, steve <steve at steve-ss.com> wrote:
> On Tue, 2013-11-12 at 13:27 -0500, Jon West wrote:
> > Sure, its a single windows share that's hosted on a windows machine
> > thats a part of an AD domain. This can be done by typing in the user
> > ADusername and ADpassword as the username and password arguments in
> > the mount commad (mount -t cifs blah blah blah -o username=username
> > password=password blah blah blah) But due to security policy we can't
> > have people typing out their passwords in plaintext on the screen and
> > I can't have a password file to look up to store those passwords, plus
> > it would be annoying to have to go and change the file every time a
> > user changes their domain password. What I would like to happen is for
> > the user to just be able to type "mount -t
> > cifs //server/share /localdir" I can't have the domain passwords
> > displayed in plain text or transmitted in plain text
> >
>
> OK. We'll automount it whenever the user goes to the share. No passwords
> or usernames. All Kerberos.
>
> AD hostname adserver
> Share that needs mounting someplace (could be c:\users\jon\someplace)
> Mount point on client /home/someplace
>
> /etc/auto.master
> /home /etc/auto.someplace
>
> /etc/auto.someplace
> someplace -fstype=cifs, sec=krb5,username=MACHINE
> $,multiuser ://adserver/someplace
>
> We'll need to know the cifs.upcall config in:
> /etc/request-key.conf
>
> Make sure autofs and cifs-utils are installed and that /home/someplace
> does not exist.
> fire up autofs and have a look at the output of mount
>
> Now login as a domain user and go to /home/someplace
>
> Any problems: tail -28 /var/log/messages
> just after you attempt the mount.
>
> HTH
> Steve
>
>
>
> >
> >
> > On Tue, Nov 12, 2013 at 1:17 PM, steve <steve at steve-ss.com> wrote:
> > On Tue, 2013-11-12 at 18:06 +0000, Rowland Penny wrote:
> > > On 12/11/13 18:04, steve wrote:
> > > > On Tue, 2013-11-12 at 12:57 -0500, Jon West wrote:
> > > >> You are correct, only want to authenticate with AD
> > credentials, also
> > > >> want to be able to mount a windows share (from the native
> > windows
> > > >> machine) on the linux machine without having to type in
> > domain
> > > >> credentials at each time of mount or have the passwords
> > stored in
> > > >> plaintext on the linux machine
> > > >>
> > > > **posts are crossing. I'll shut up until we sync.
> > > > Steve
> > > >
> > > >
> > > No, I'll shut up, you tell him about Autofs
> > >
> > > Rowland
> > >
> >
> >
> > LOL. Putting on autofs hat! Let's make a start. this could be
> > a long
> > one. . .
> >
> > Will need to know what needs mounting. @Jon can you give us a
> > bit more
> > detail of the stuff you need cifs-ing over to the Red Hat
> > clients? Or
> > maybe you'd be satisfied with a permanent fstab mount?
> > Cheers,
> > Steve
> >
> >
> >
> >
>
>
>
More information about the samba
mailing list