[Samba] DM: samba 4.5 -> 4.8, guest access and machine account access troubles.
rpenny at samba.org
Mon Sep 24 15:54:36 UTC 2018
On Mon, 24 Sep 2018 17:33:47 +0200
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! L.P.H. van Belle via samba
> In chel di` si favelave...
> > I hope this helps you understanding your problem a bit more.
> > See also:
> > https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/local-accounts
> No, wait. I'm probably mixed up too many things, and maked a lot of
> confusion. Restart.
> Say may domain is 'LNFFVG', and my windows 7 box is 'DOMINIQUE'.
> Before upgrading my domain members to samba 4.8 (from 4.5) i can
> access a 'guest' share using DOMINIQUE\Administrator user without
> trouble. Probably (and correctly, for my point of view) domain member
> does not find 'DOMINIQUE\Administrator' user, and so map it to guest.
The above would be true except for this line you have in smb.conf:
winbind use default domain = Yes
> After upgrading to 4.8, i've found that i cannot anymore 'guest
> access' the share, seems because the domain member server maps
> 'DOMINIQUE\Administrator' to 'root' (as i'm expecting it will do, but
> for 'LNFFVG\Administrator', a very different user ;) and, clearly,
> credentials does not match).
> NOTE that, for other non-guest-access user shares i try an access with
> 'DOMINIQUE\Administrator', windows explorer ask me credentials, as
So when either 'DOMINIQUE\Administrator' or 'LNFFVG\Administrator'
connects, they both become 'Administrator', who then gets mapped to
> I don't want to alter the default 'Administrator' and 'guest' user on
> my workstation, nor do something strange client side... i simply need
> to restore old behaviour (or, speaking better: understand why mapping
> changed from 4.5 ot 4.8...) to have 'DOMINIQUE\Administrator' be
> mapped to guest.
I don't understand why you are trying to use a local user on a domain
More information about the samba