[Samba] SMB Signing with "map to guest = " options
Rowland Penny
rpenny at samba.org
Thu Feb 14 12:05:14 UTC 2019
On Thu, 14 Feb 2019 05:52:13 -0600 (CST)
shivappa Sangapur via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I'm using samba-4.7.x
> I have some confusions over "map to guest=" options with setting SMB
> Signing 1. Set "*Server signing =auto*", "*map to guest=bad uid*" and
> set "client signing in windows 2k12 server group policy" to
> "Microsoft network client: Digitally sign communications (Always)” =
> *Disable*" SMB_Server is joined to Windows 2k12 Active Directory with
> user01. Windows PC is logged to windows 2k12 Activer Directory with
> user02. I login to share of my SMB_Server from Windows client
> PC(where i logged with user02),* it opens shares *without any popup
> on client PC. Here NO signing is done.
>
> 2. Set "*Server signing =auto*", "*map to guest=bad uid*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Enable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with user02),* it fails to open shares.*
> Here Signing is done but fails to open
>
> 3. Set "*Server signing =auto*", "*map to guest=never*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Disable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with *user02*),* it popups to enter credentials, after
> providing the use01 only the shares opens*on client PC.
> Here NO Signing.
>
> 4. Set "*Server signing =auto*", "*map to guest=never*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Enable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with user02),* it popups to enter credentials, after providing
> the use01 only the shares opens*on client PC. (I know that only
> user01 is added in samba db) Here, signing is done.
>
> 5. Set "*Server signing =mandatory*", "*map to guest=bad uid*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Enable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with user02),* it fails to open shares.*
> Here Signing is done but fails to open
>
>
> I want to understand why in case of *#2 and #5* it is not opening
> shares of my smb-4.7.x shares,
>
Please post your smb.conf
AND seeing as you didn't understand it when I replied to your first post
Please post your smb.conf
Rowland
More information about the samba
mailing list