[Samba] getting ERROR: failed to setup guest info. But I cannot setup a guest account due to security policies

Tue Nov 12 11:52:47 MST 2013

ok I've got my hw, I'll give it a try and check back with any questions
tomorrow. In the mean time, Im actually curious about what I would need to
do (or anyone for that matter) to solve the guest user problem. What if you
can't have a guest user on the system so you have nothing to set that to in
smb.conf

On Tue, Nov 12, 2013 at 1:39 PM, steve <steve at steve-ss.com> wrote:

> On Tue, 2013-11-12 at 13:27 -0500, Jon West wrote:
> > Sure, its a single windows share that's hosted on a windows machine
> > thats a part of an AD domain. This can be done by typing in the user
> > ADusername and ADpassword as the username and password arguments in
> > the mount commad (mount -t cifs blah blah blah -o username=username
> > password=password blah blah blah) But due to security policy we can't
> > have people typing out their passwords in plaintext on the screen and
> > I can't have a password file to look up to store those passwords, plus
> > it would be annoying to have to go and change the file every time a
> > user changes their domain password. What I would like to happen is for
> > the user to just be able to type "mount -t
> > cifs //server/share /localdir" I can't have the domain passwords
> > displayed in plain text or transmitted in plain text
> >
>
> OK. We'll automount it whenever the user goes to the share. No passwords
> or usernames. All Kerberos.
>
> AD hostname adserver
> Share that needs mounting someplace (could be c:\users\jon\someplace)
> Mount point on client /home/someplace
>
> /etc/auto.master
> /home /etc/auto.someplace
>
> /etc/auto.someplace
> someplace -fstype=cifs, sec=krb5,username=MACHINE
> $,multiuser ://adserver/someplace
>
> We'll need to know the cifs.upcall config in:
> /etc/request-key.conf
>
> Make sure autofs and cifs-utils are installed and that /home/someplace
> does not exist.
> fire up autofs and have a look at the output of mount
>
> Now login as a domain user and go to /home/someplace
>
> Any problems: tail -28 /var/log/messages
> just after you attempt the mount.
>
> HTH
> Steve
>
>
>
> >
> >
> > On Tue, Nov 12, 2013 at 1:17 PM, steve <steve at steve-ss.com> wrote:
> >         On Tue, 2013-11-12 at 18:06 +0000, Rowland Penny wrote:
> >         > On 12/11/13 18:04, steve wrote:
> >         > > On Tue, 2013-11-12 at 12:57 -0500, Jon West wrote:
> >         > >> You are correct, only want to authenticate  with AD
> >         credentials, also
> >         > >> want to be able to mount a windows share (from the native
> >         windows
> >         > >> machine) on the linux machine without having to type in
> >         domain
> >         > >> credentials at each time of mount or have the passwords
> >         stored in
> >         > >> plaintext on the linux machine
> >         > >>
> >         > > **posts are crossing. I'll shut up until we sync.
> >         > > Steve
> >         > >
> >         > >
> >         > No, I'll shut up, you tell him about Autofs
> >         >
> >         > Rowland
> >         >
> >
> >
> >         LOL. Putting on autofs hat! Let's make a start. this could be
> >         a long
> >         one. . .
> >
> >         Will need to know what needs mounting. @Jon can you give us a
> >         bit more
> >         detail of the stuff you need cifs-ing over to the Red Hat
> >         clients? Or
> >         maybe you'd be satisfied with a permanent fstab mount?
> >         Cheers,
> >         Steve
> >
> >
> >
> >
>
>
>