如何在ADS安全模式下启用对Samba共享的匿名访问?

4

我正在尝试在我的Samba配置中启用对单个服务的匿名访问。授权用户访问工作正常,但当我尝试无密码连接时,我收到以下消息:

Anonymous login successful
Domain=[...] OS=[Unix] Server=[Samba
3.3.8-0.51.el5] tree connect failed: NT_STATUS_LOGON_FAILURE

消息日志显示此错误:

... smbd[21262]: [2010/05/24 21:26:39,  0] smbd/service.c:make_connection_snum(1004)
... smbd[21262]:   Can't become connected user!

smb.conf配置如此:

[global]
   security = ads
   obey pam restrictions = Yes
   winbind enum users = Yes
   winbind enum groups = Yes
   winbind use default domain = true
   valid users = "@domain admins", "@domain users"
   guest account = nobody
   map to guest = Bad User

[evilshare]
   path = /evil/share
   guest ok = yes
   read only = No
   browseable = No

鉴于我已经'映射到guest = Bad User'和'guest ok'指定,我不明白它为什么试图“成为连接用户”。它不应该试图“成为访客用户”吗?

network-shares  samba  redhat-enterprise-linux  privacy 

source
您使用的是哪个版本的Samba?哪种类型的Windows(?)客户端正在尝试访问您的Samba?
Kurt Pfeifle 2010年

Answers:

0

去掉

有效用户=“@domain admins”,“@ domain用户”

来自[global],仅在未启用“guest”的共享中使用它

0

对我来说,解决方案是设置:

auth methods = guest sam winbind
restrict anonymous = 0
guest account = nobody

当然,确保nobody用户创建时没有密码:

auth methods = guest sam winbind
Sebazzz
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.