[Samba] RequireSecuritySignature=1 and public share with guest not working

Olszewski, Raphael r.olszewski at ssc-services.de
Fri Mar 13 03:42:08 MDT 2015 

Hi
I tried exactly your type of config.

With "RequireSecuritySignature=0" the anon access is working like expected.
As soon, as I set "RequireSecuritySignature=1" it is not working anymore.

So it seem to be not the problem to configure the guest-access. But seems the problem with requiring the signing.
Thought it can be fixed with the right config, but did not find a working combination.

Do i have to setup certificates for the signing? 
Or how the messages will be signed?
My guess is, that the signing isn't working like expected ...

Gruß Raphael
___________________________________________
-----Ursprüngliche Nachricht-----
Von: L.P.H. van Belle [mailto:belle at bazuin.nl]
Gesendet: Freitag, 13. März 2015 09:08

Hai,

Try these settings in global settings.

####### Authentication #######
## stand alone everything open.
   security = user
   guest ok = yes
   map to guest = bad password

add these to the share.
guest ok = yes

Sets samba open without pasword prompt.
I use it at home for my kodi server.

Greetz,

Louis


>-----Oorspronkelijk bericht-----
>Van: r.olszewski at ssc-services.de
>[mailto:samba-bounces at lists.samba.org] Namens Olszewski, Raphael
>Verzonden: donderdag 12 maart 2015 18:17
>
>Hello
>I have an samba server with a public share. It was configured with
>security=share.
>Now I have to tight security with setting those flags in the windows
>client:
>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWor
>kstation\Parameters]
>EnablePlainTextPassword=0
>EnableSecuritySignature=1
>RequireSecuritySignature=1
>
..
>
>The Client shows ReasonCode: 0x80004005 When I change registry to
>RequireSecuritySignature=0, I can access
>
>How I have to configure the smb-server to have a real public share for
>windows7-clients not being configured especially (domain,
>computer-account, user, ...) Do I understand Security-signature wrong?
>Is this scenario possible without being the samba server joined to the
>domain? (What I wanted)
>
>Raphael


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list