I am running Samba 3.0.14a (Debian packages for Sarge) It seems that even if I set the directive "guest account" to some other user, Samba still maps guest account to the default guest user "nobody". I have set up a server with this config (I report only useful lines): [general] guest account = guest map to guest = bad user passdb backend = tdbsam guest [guest_share] guest ok = yes read list = guest read only = no I have run "testparm -v" and there are no errors. The "guest account" directive seems to have been parsed correctly, but when I connect with a non-existent user, I get mapped to the user "nobody", which is default for guest account, instead of the username "guest" which I have set up.
is the [general] section in you example a typo? If so, then that is the problem I assume. It should be [global].
Sorry, it's a typo in the report. It's [global] in the config file. And since testparms -v gives no errors, no warnings, and reports that it has correctly read the "guest account = guest" configration entry, I suppose that the config file should be all right.
could you attach a level 10 debug log and your smb.conf with this report? Thanks.
You will find attached a file named "log_and_config.zip" that contains the complete config file and a log file obtained by logging in from my notebook, using an username (kurgan) that does not exist in the customer's domain. Customer's (and server's) domain is "IANUA", while my notebook does belong to domain "KURGAN". I had tried even with a customer's PC that does not belong to any domain, but now I cannot replicate that setup. What I have done from the client is just open a window and type in it "\\server", then I have tried to open the share named "drivers", but failed because the user "nobody" has no file system access to that share. The user "guest" exists both in /etc/passwd and in samba. In passwd it has a disabled password, in samba it has an empty password. I have also tried using another user instead of "guest" but I still get mapped to "nobody".
Created attachment 1383 [details] Log and config of the offending Samba server
The nodoby account already exists in your passdb.tdb file. If you run 'pdbedit -x nobody', restart smbd, that should clear things up.
This is not true, I have no "nobody" use in Samba. I have one in /etc/passwd, of course. Here is a dump of my ssh session: ------------------ login as: root Password: Last login: Wed Aug 17 16:33:20 2005 from 62.123.154.74 server:~# smbpasswd -x nobody Failed to delete entry for user nobody. Failed to modify password entry for user nobody server:~# pdbedit -L root:0:root flavio:1002:Flavio portatile$:1010:PORTATILE$ ennio:1003:,,, guest:1015:guest utente-d5734606$:1011:UTENTE-D5734606$ luca:1001:,,, rip:1007:Utente per macchine in riparazione,,, flavio-5blaialp$:1009:FLAVIO-5BLAIALP$ ennio$:1008:ENNIO$ ennio2k$:1013:ENNIO2K$ lab$:1014:LAB$ ennioxp$:1012:ENNIOXP$ administrator:1004:,,, server:~# pdbedit -x nobody user nobody does not exist in the passdb -------------- As you can see, I have no "nobody" user in Samba. I have indeed a "guest" user, which I created as I have stated before.
ok. Fair enough. Somehow smbd has associated the default guest user with RID 501. So whebn creating a guest session, it pulls that information. But the vuid used in the share connection should use the 'guest account' value. Does smbstatus also display 'nobody'?
Well, 501 is the ID for my "guest" user, as you can see here: server:~# pdbedit -L -v guest Unix username: guest NT username: Account Flags: [U ] User SID: S-1-5-21-784407194-842192429-356550006-501 Primary Group SID: S-1-5-21-784407194-842192429-356550006-514 Full Name: guest Home Directory: \\server\guest HomeDir Drive: Logon Script: logon.bat Profile Path: Domain: IANUA Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Fri, 13 Dec 1901 21:45:51 GMT Kickoff time: Fri, 13 Dec 1901 21:45:51 GMT Password last set: Fri, 05 Aug 2005 16:03:43 GMT Password can change: Fri, 05 Aug 2005 16:03:43 GMT Password must change: Fri, 13 Dec 1901 21:45:51 GMT Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF And when connecting using an invalid user, smbstatus shows: server:~# smbstatus Samba version 3.0.14a-Debian PID Username Group Machine ------------------------------------------------------------------- Service pid machine Connected at ------------------------------------------------------- IPC$ 21406 cozza Wed Aug 17 18:38:51 2005 drivers 21406 cozza Wed Aug 17 18:39:03 2005 No locked files Please note that there are no users listed at all. Shouldn't be a "guest" or "nobody" user shown in users list? I really don't know what is happening.
I don't know what is the problem in your setup but I haven't seen a problem with guest user in a recent samba release. If you still see errors with modern samba versions, please file a new bug report for that with a compact description how to reproduce the problem.