Created attachment 15871 [details] output of smbc debugging The issue mentioned in my summary was already reported in KDE bugzilla https://bugs.kde.org/show_bug.cgi?id=398079 My client runs Arch Linux + samba and libwbclient 4.10.10 + KDE Plasma 5.18.3 desktop environment. My server runs Windows 7 Professional. I'm using a linux client to try access a share from a Windows server. The client always asks for password to list and access the share despite it is passwordless. Client lists the shares available when I enter fake "*" username and password or another fake username and password. But I need to type username and password that I use to start the user session of Window server when I want to open any passwordless share from it. You can read a detailed explanation and watch screen recordings showing the issue in the following link https://bugs.kde.org/show_bug.cgi?id=398079#c16 As we can read in the following link, KDE developer Harald Sitter thinks that something is wrong inside libsmbclient https://bugs.kde.org/show_bug.cgi?id=398079#c19 I'm attaching the output of smbc debugging according to instructions from the following link https://bugs.kde.org/show_bug.cgi?id=398079#c14
FWIW, from the info in the kde report I would infer that currently the AutoAnonymousLogin probably attempts to login with an empty password which windows servers seem to take offense with (probably because of some default secpol in win7+). An easy solution then would be to send a random password instead of no password in the AutoAnonymousLogin. For all I know that will break something else though.
sending a random password or no password looks like a very bad idea to me as this will increase the bad logon counter. I also suggest to remove the AutoAnonymousLogin if there is something like that. Something like that is asking for trouble in many environments. If the current user had a krb5 ticket, then this can be used to try authenticating the user. But don't try guest logons or random passwords. please.
Created attachment 16265 [details] screenshot of auth dialog Thanks for the input. Our auth dialog also has an anonymous checkbox (see attachment). Should we get rid of that as well or is that fine to keep?
Samba 4.13 asks for password even to mount passwordless shares from a linux server. I have Arch + Gnome 3.36.3 + nautilus 3.36.3 file manager installed on my laptop, nautilus shows an authentication dialog with "Anonymous" radio button pre-selected when I try to mount a passwordless share from my desktop computer running Arch + Plasma 5.20 beta + Samba 4.13 and I need to click on its "Connect" button to mount the share. Is this behavior expected/correct?
(In reply to Harald Sitter from comment #4) the anonymous checkbox is fine I think even though I think I would actually prefer to have just a small hint text like "leave user/passwd empty for anonymous connections". I think I would also not use a separate DOMAIN input field there but require the domain name be entered as part of the user name like this: MYDOM\user This would alternatively allow the UPN notation of the username: user@mydom.example.com The latter will also allow to enter other user princial names, which can have other prefixes, that must not be the realm of the doain like user@foo.example.net