[Samba] In Mac SMB guest access is not working

VigneshDhanraj G vigneshdhanraj.g at gmail.com
Fri Jan 4 07:29:47 UTC 2019


Hi,

Previously using samba 4.7.7. Have upgraded the samba to 4.9.3. Other than
samba nothing changed in the server. After upgrade am unable to connect the
server through smb from MAC. I didnt change any smb.conf from 4.7 . Is
there any changes to be made for make it work.

Thanks

On Thu, Jan 3, 2019 at 7:55 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Thu, 3 Jan 2019 19:15:48 +0530
> VigneshDhanraj G via samba <samba at lists.samba.org> wrote:
>
> > Hi team,
> >
> > Upgraded samba from 4.7.x to 4.9.3, when i tried to connect my public
> > share using smb://ip/ through guest login in MAC my shares are not
> > listed if i am connected to AD.
> >
> > 2019/01/03 18:56:31.351985,  3, pid=1114, effective(0, 0), real(0, 0),
> > class=auth] ../source3/auth/auth.c:192(auth_check_ntlm_password)
> >   check_ntlm_password:  mapped user is: []\[GUEST]@[HS-MBP-3]
> > [2019/01/03 18:56:31.352027, 10, pid=1114, effective(0, 0), real(0,
> > 0), class=auth] ../source3/auth/auth.c:202(auth_check_ntlm_password)
> >   check_ntlm_password: auth_context challenge created by random
> > [2019/01/03 18:56:31.352069, 10, pid=1114, effective(0, 0), real(0,
> > 0), class=auth] ../source3/auth/auth.c:204(auth_check_ntlm_password)
> >   challenge is:
> > [2019/01/03 18:56:31.352109,  5, pid=1114, effective(0, 0), real(0,
> > 0)] ../lib/util/util.c:514(dump_data)
> >   [0000] C2 91 43 77 80 4A 47 1B                             ..Cw.JG.
> > [2019/01/03 18:56:31.352182, 10, pid=1114, effective(0, 0), real(0,
> > 0),
> > class=auth] ../source3/auth/auth_builtin.c:41(check_anonymous_security)
> > Check auth for: [GUEST] [2019/01/03 18:56:31.352223, 10, pid=1114,
> > effective(0, 0), real(0, 0),
> > class=auth] ../source3/auth/auth.c:237(auth_check_ntlm_password)
> > auth_check_ntlm_password: anonymous had nothing to say [2019/01/03
> > 18:56:31.352265, 10, pid=1114, effective(0, 0), real(0, 0),
> > class=auth] ../source3/auth/auth_sam.c:75(auth_samstrict_auth) Check
> > auth for: [GUEST] [2019/01/03 18:56:31.352311,  8, pid=1114,
> > effective(0, 0), real(0, 0)] ../source3/lib/util.c:1125(is_myname)
> >   is_myname("") returns 0
> > [2019/01/03 18:56:31.352353,  6, pid=1114, effective(0, 0), real(0,
> > 0), class=auth] ../source3/auth/auth_sam.c:88(auth_samstrict_auth)
> >   check_samstrict_security:  is not one of my local names
> > (ROLE_DOMAIN_MEMBER)
> > [2019/01/03 18:56:31.352396, 10, pid=1114, effective(0, 0), real(0,
> > 0), class=auth] ../source3/auth/auth.c:237(auth_check_ntlm_password)
> >   auth_check_ntlm_password: sam had nothing to say
> > [2019/01/03 18:56:31.352439, 10, pid=1114, effective(0, 0), real(0,
> > 0),
> > class=auth] ../source3/auth/auth_winbind.c:50(check_winbind_security)
> > Check auth for: [GUEST] [2019/01/03 18:56:31.352485,  4, pid=1114,
> > effective(0, 0), real(0,
> > 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) :
> > sec_ctx_stack_ndx = 2 [2019/01/03 18:56:31.352530,  4, pid=1114,
> > effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:527(push_conn_ctx)
> >   push_conn_ctx(0) : conn_ctx_stack_ndx = 1
> > [2019/01/03 18:56:31.352572,  4, pid=1114, effective(0, 0), real(0,
> > 0)] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
> >   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
> > [2019/01/03 18:56:31.352614,  5, pid=1114, effective(0, 0), real(0,
> > 0)] ../libcli/security/security_token.c:53(security_token_debug)
> >   Security token: (NULL)
> > [2019/01/03 18:56:31.352655,  5, pid=1114, effective(0, 0), real(0,
> > 0)] ../source3/auth/token_util.c:850(debug_unix_user_token)
> >   UNIX token of user 0
> >   Primary group is 0 and contains 0 supplementary groups
> > [2019/01/03 18:56:31.583661,  4, pid=1114, effective(0, 0), real(0,
> > 0)] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx)
> >   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
> > [2019/01/03 18:56:31.583734, 10, pid=1114, effective(0, 0), real(0,
> > 0),
> > class=auth] ../source3/auth/auth_winbind.c:105(check_winbind_security)
> > check_winbind_security: wbcAuthenticateUserEx failed:
> > WBC_ERR_AUTH_ERROR [2019/01/03 18:56:31.583805,  5, pid=1114,
> > effective(0, 0), real(0, 0),
> > class=auth] ../source3/auth/auth.c:251(auth_check_ntlm_password)
> > auth_check_ntlm_password: winbind authentication for user [GUEST]
> > FAILED with error NT_STATUS_ACCOUNT_DISABLED, authoritative=1
> > [2019/01/03 18:56:31.583868,  2, pid=1114, effective(0, 0), real(0,
> > 0), class=auth] ../source3/auth/auth.c:334(auth_check_ntlm_password)
> > check_ntlm_password:  Authentication for user [GUEST] -> [GUEST]
> > FAILED with error NT_STATUS_ACCOUNT_DISABLED, authoritative=1
> >
> > Regards,
> > VigneshDhanraj G
>
> The 'GUEST' user isn't a Samba user, it is a Windows user and is
> disabled by default and it should stay that way. It is insecure to
> enable it.
>
> You should also stop posting the same questions here and to the
> samba-technical mailing list, this is the place to post your type of
> questions. The samba-technical list is meant for development questions.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba


More information about the samba mailing list