4

I am trying to set samba up such that: there is one shared user account that can read-only browse one dir. I have:

changed security = share to security = user
I have commented out guest account = nobody
added a samba user & password with smbpasswd

This is the dir entry in samba:

[test]
    comment = is this working?
    public = no
    path = /thedir/home/
    veto files = /.*/
    browseable = yes
    guest ok = no
    username = theusername
    read only = yes

Despite all of these attempts, when I try to open the dir via Windows explorer I get the same greyed out 'servername\Guest' box?!? Without resorting to active directory, is there any way I can have this prompt work with the shared un & pw I am trying to setup?

Thanks in advance.

javamonkey79
  • 139
  • 6

4 Answers4

0

Something to keep in mind is that Windows cleverly will only authenticate with one username per server, so if you have other shares on that server, you must have the same username and password for all of the shares on the server.

David Pashley
  • 23,151
  • 2
  • 41
  • 71
  • Where would that be set at? I don't see 'Guest' anywhere in the config file. – javamonkey79 Jun 03 '09 at 20:15
  • You misunderstand. This is a shortcoming of Windows. Once you connect to a share on a server with a username, windows will always use same username until you logout. – David Pashley Jun 03 '09 at 20:26
  • So is it not possible to do what I am asking then? – javamonkey79 Jun 03 '09 at 20:32
  • I think it is possible IIRC if you go to the windows explorer and connect to a share there's a link that says (translated I only have german versions) "Connect as a different user". Use that option to connect to that share – Martin M. Jun 09 '09 at 19:14
0

Suggestions:

1.) Try commenting out/removing the "guest ok" statement.

2.) Try removing/tweaking the veto files statement, (for no other reason that I've had some issues with that myself.)

Actually, here's a working line from one of my smb.conf's, (several users on that machine, all co-workers of each other.)

[username]

comment = Username home share
path = /home/username
writeable = yes
invalid users = None
valid users = username, co-worker1, co-worker2, co-worker3, co-worker4
veto files = /.ra/.ram/.wmv/.avi/.mpg/.mpeg/.mp3/.oog/.wav/.mid/.aac/.mov/*.wma/
browseable = yes

Maybe that will help?

Greg Meehan
  • 1,166
  • 1
  • 9
  • 16
  • I have tried these suggestions to no avail, thank you, but it still prompts for 'servername\Guest' – javamonkey79 Jun 03 '09 at 20:14
  • Hmmmm.. It sounds like your samba instance isn't allowing/recognizing auth. A few suggestions: 1.) Make sure you can resolve your domain controllers, (i.e. you've got them plugged into your /etc/hosts file, yes?) 2.) While you're in etc/hosts, make sure that the domain matches that which you configured your smb.conf with. 3.) (The heavy guns :) - Have you tested to make sure your machine is properly joined? - http://kbase.redhat.com/faq/docs/DOC-3342 – Greg Meehan Jun 03 '09 at 20:29
0

You're not going to be able to get this to work this way because of how Windows authenticates to the server. Once you connect to a server, those credentials are used for all shares on that server. The only way to change it is to disconnect from the server completely(using net use /delete from Windows or rebooting).

What exactly are you trying to do? Basically, you need to make sure that your clients don't successfully authenticate as guest anywhere else on the server.

Typically, the way it is done is every user gets their own account, and you just use groups to control access to individual shares.

Jesse Weigert
  • 287
  • 1
  • 2
  • 10
0

It turns out the samba password file was not setup. Additionally, this was solved for XP by mapping the dir as a network drive. For Vista the credentials had to be added with: rundll32.exe keymgr.dll, KRShowKeyMgr

javamonkey79
  • 139
  • 6