[Samba] Cross-domain share access via same user+password doesn't work anymore
freebsd at tango.lu
freebsd at tango.lu
Tue Sep 8 07:54:47 UTC 2020
On 2020-09-05 18:05, Rowland penny via samba wrote:
> On 05/09/2020 16:30, freebsd at tango.lu wrote:
>>
>>>>
>>>
>>
>> Hello,
>>
>> I already had those in both samba server and I don't care about
>> security with this setup. Here is what happens:
>
> Well, not having seen your smb.conf files, I didn't know you had those
> lines. I also had to point out the pitfalls of using them.
>
> I think it may help if we see your smb.conf files.
>
> Rowland
Hello,
Yes that is exactly what I thought that it is not a config issue because
with nearly the same config it works on the 3.6 and not the 4.x.
Since someone asked for my smb.conf here it goes:
[global]
workgroup = WG2
netbios name = SMBB
guest ok = no
security = user
wins support = yes
wins proxy = no
syslog only = no
syslog = 0;
encrypt passwords = true
; WIN 98
lanman auth = Yes
client lanman auth = Yes
client plaintext auth = Yes
log level = 3
log file = /var/log/samba/smbd.log
max log size = 5000
utmp = Yes
os level = 255
domain master = yes
local master = yes
preferred master = yes
domain logons = no
logon script = %U
allow trusted domains = no
nt acl support = no
enhanced browsing = No
message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s'
&
name resolve order = wins lmhosts host bcast
hide dot files = yes
wide links = yes
unix extensions = no
delete veto files = yes
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
show add printer wizard = no
[share]
comment = share
volume = share
path = /mnt/share
force user = user
force group = users
create mask = 644
directory mask = 775
browseable = no
follow symlinks = Yes
writeable = no
read only = yes
valid users = user
So yet again typical example of a software actually getting WORSE than
improving over the years. I don't know who the hell felt that this was a
good idea to deprecate this mapping option but you should consider
putting it back and never again try to pull something like this. What
happened to Samba? some systemD developers crawled over there to destroy
the project with their stupidity? Next thing we gonna see on Samba 5
hell let's change the entire config, rename all the options and why not
just make it XML or encrypted JSON binary config to be sysadmin
unfriendly. Great Success!
More information about the samba
mailing list