[Samba] SMB Signing with "map to guest = " options
Rowland Penny
rpenny at samba.org
Mon Feb 18 10:21:12 UTC 2019
On Mon, 18 Feb 2019 10:26:24 +0530
Shivappa <ssangapur3 at gmail.com> wrote:
> Here is my smb.conf
>
> [global]
> workgroup=TEST
> server string=SMBServ
> netbios name=SHIVASMB
> realm=TEST.LOCAL
> log level=1
> log file=
> max log size=2000
> max smbd processes=100
> security=ADS
> password server=10.10.1.5
> wins support=no
> client NTLMv2 auth=Yes
> wins proxy=no
> server max protocol=SMB3
> client max protocol=SMB3
> dns proxy=no
> wins server=192.168.4.124, 0.0.0.0
> name resolve order=lmhosts host wins bcast
> map to guest=bad uid
> guest account=root
> encrypt passwords=yes
> ntlm auth=yes
> server signing=auto
> client signing=auto
>
> [Home]
> path=/home/shiva/
> browseable=yes
> writeable=no
> public=no
> guest ok=yes
> available=1
>
> [Personal]
> path=/home/data/
> browseable=yes
> writeable=no
> public=no
> guest ok=yes
> available=1
>
>
You are trying to run a Unix domain member (a very bad one at that) as a
standalone server, this will not work. For 'bad uid' to work, the user
must not have a valid Unix account, Samba (even though you do not have
the required 'idmap config' lines) will be creating one for you.
Can I suggest you read 'man smb.conf', remove all the default and
un-required lines
It might also help if you you read these:
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
Then decide which you require, A Unix domain member or a standalone
server. Which ever you decide, I think mapping guest to root is a dumb
idea.
Rowland
More information about the samba
mailing list