[Samba] Different Types of Guest Logins?

Hal Vaughan hal at hal.dance
Thu Feb 17 08:36:39 UTC 2022 

I’m having an issue with a new media server.

Previously, I was using a Debian Linux server for my media server. Basically, it was just Samba shares, since that seems the easiest way for a number of programs (on Linux, Mac, iOs, Android tablets, and Apple TV) to be able to play back video and audio files. It’s also easier than setting up streaming servers.

This Debian server worked fine. I used this for the configuration for a share:

[Library]
        comment = Media library
        path = "/share00/Library"
        browseable = yes
        read only = yes
        guest ok = yes
#       follow symlinks = yes
        wide links = yes

(The rest of the config file is after my signature.)

On this system, on several programs, I just did not enter a username or password to log into that share.

Now I’m using a RAID device, a Synology DS620Slim. Considering the type of system in this, I haven’t wanted to get into config files and hand-edit them unless I have to. I know one small change can upset things in their overall design. I set up a Samba share, but was limited in choices. I set up guest access for my share on there. When I’m trying to watch a video from the new server, in some programs (VLC is a good example), I have to have "guest" in the username field to be able to get to the video files. While I can deal with this, when we have relatives staying here, they get frustrated when they try to watch something and get something asking them to log in. Also, to be honest, lots of times I use this to get something to listen to late at night, when I wake up and can’t get back to sleep. At that point, yes, it’s really hard to remember something like this!

At this point I’m not sure how to get to the RAID config files. I’m working on that.

Until then, is there a different type of login? I’m wondering if I’ve set up my Linux system to use some kind of anonymous login and the RAID is using a guest login - or something like that.

Why is it that, with my Linux server, I can login and see the shares without using a username or password and the new system always requires me to specify "guest?"




Hal
———————
smb.conf:
———————

[global]

    security = user
    unix password sync = yes
    unix extensions = no

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = WORKGROUP

# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no


#### Debugging/Accounting ####

# This tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Cap the size of the individual log files (in KiB).
   max log size = 1000

# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
   syslog = 0

# Do something sensible when Samba crashes: mail the admin a backtrace
   panic action = /usr/share/samba/panic-action %d


####### Authentication #######

# Server role. Defines in which mode Samba will operate. Possible
# values are "standalone server", "member server", "classic primary
# domain controller", "classic backup domain controller", "active
# directory domain controller".
#
# Most people will want "standalone sever" or "member server".
# Running as "active directory domain controller" will require first
# running "samba-tool domain provision" to wipe databases and create a
# new domain.
   server role = standalone server

# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
   passdb backend = tdbsam

   obey pam restrictions = yes

# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
   unix password sync = yes

# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan <<kahan at informatik.tu-muenchen.de> for
# sending the correct chat script for the passwd program in Debian Sarge).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
   pam password change = yes

# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
   map to guest = bad user


# Allow users who've been granted usershare privileges to create
# public shares, not just authenticated ones
   usershare allow guests = yes

More information about the samba mailing list