Have set up a Windows-domain-integrated samba server. Sharing files is working pretty well but failing to set up a guest share as long the security is set to ads. This is a shortened version of the configuration containing a share free to a certain domain group and a non working share for non authenticated users. I've attached the smb.conf for reference.
[global]
workgroup = MYDOMAIN
dns proxy = no
netbios name = myshare
clustering = yes
security = ads
realm = mydomain.com
password server = 1.2.3.4
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 10
winbind use default domain = yes
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
domain master = no
local master = no
preferred master = no
os level = 0
idmap uid = 100000-109999
idmap gid = 100000-109999
log file = /var/log/samba/log
log level = 3
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
server role = standalone server
passdb backend = tdbsam
unix password sync = yes
pam password change = yes
map to guest = bad user
guest account = nobody
[public]
browsable = yes
create mask = 0666
directory mask = 0777
writeable = yes
path = /share/public
guest ok = yes
[temp]
browsable = yes
valid users = root, @"share users"
create mask = 0666
directory mask = 0777
writeable = yes
path = /share/temp
guest ok = no
However guest ok = yes does not seem to have any effect (temp is working as expected writable by root and users of the group). The user nobody which should be mapped to has the rwx right's for share folder.
So what is also needed to grant guest access to a specific share when security generally is ads?
