On Fri, 2004-03-05 at 09:47, Jason McCormick wrote: > What are the ramifications of changing security = share from sercurity = > ads ? I was using security = domain before. Looking at the docs/manpages > I'm unclear how other shares will be affected (for the sections that match > UNIX == Windows for IT staff). From reading the manpage, it sounds like > if guest ok = yes then it skips checking, but does it fall back to ADS if > there's no guest ok directive?
Ok, what has happened here is that in Samba 2.2, if a user logged in with valid domain credentials, and did not have an account on the system, they were mapped to a 'guest' account. This is not possible in 3.0 (and I think it was a bad idea in the first place). So, the alternative for you is to create a new server (or more to the point, a virtual server configuration) that is in 'security=share' (so the remote clients never attempt a user/password login) and has 'guest ok' (or even beter 'guest only') set, so that all connections are treated as guest, with no questions asked. include = smb.conf.%L is your freind - but watch out, for this to work you must set 'smb ports = 139' or we might not get our 'called name' on which we base that. Andrew Bartlett Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
