[Samba] Samba Share with user and no password
Rowland penny
rpenny at samba.org
Fri Sep 6 10:14:42 UTC 2019
On 06/09/2019 10:57, basti via samba wrote:
> On 05.09.19 16:14, Rowland penny via samba wrote:
>> try adding 'null passwords = yes' to your smb.conf.
> I have try. but can't connect (NT_STATUS_CONNECTION_RESET).
>
> Log append.
>
> Config:
>
> [global]
> workgroup = workgroup
> dns proxy = no
> log file = /var/log/samba/log.%m
> max log size = 5000
> log level = 3 passdb:5 auth:5
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> server role = standalone server
> passdb backend = tdbsam
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> pam password change = yes
> map to guest = bad user
> usershare allow guests = yes
> printcap name = none
> preferred master = No
> local master = No
> domain master = No
>
> # shares
> # all shares has "guest ok = yes"
> ...
For guest access to work, you need three things:
'map to guest = yes' set in global
'guest ok = yes' set in the share that you want guest access to
The user must be unknown to Samba
You have the first two, but what about the last one ?
Basically the way it works is this:
A user connects to Samba, if the user is known and has the correct
password, access is allowed to Samba, but if it is an unknown user, the
user is mapped to the guest user (usually 'nobody') and is allowed
access to Samba.
Now that the user is authenticated, it attempts to access a share. If it
is a known user, it will be allowed access to all shares unless access
is explicitly denied to a share for that user. If it is an unknown user,
then access will only be allowed to shares that have 'guest ok = yes'
set and any files and directories created in the share will belong to
the guest user.
Rowland
More information about the samba
mailing list