639 – "map to guest" ignored when "security = server"

Bug 639 - "map to guest" ignored when "security = server"

Summary: "map to guest" ignored when "security = server"

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Samba 3.0
Classification:	Unclassified
Component:	Config Files (show other bugs)
Version:	3.0.0
Hardware:	All Linux

Importance:	P3 normal
Target Milestone:	none
Assignee:	Samba Bugzilla Account
QA Contact:

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-10-16 11:00 UTC by Jerry Marceau
Modified:	2005-11-14 09:24 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jerry Marceau 2003-10-16 11:00:59 UTC

"map to guest" seems to be ignored when "security = server".  "map to guest"
works when "security = user" and a local smbpasswd file is used.  

When using "security = server", attempting to connect to a guest accessable
share with a non-existant account and an incorrect password, the connection fails:

% smbclient '\\stampy\public' mypass -U phoneyuser       
added interface ip=132.177.137.23 bcast=132.177.139.255 nmask=255.255.252.0
session setup failed: NT_STATUS_LOGON_FAILURE

Changing smb.conf to 'security = user' allowes access with the bad password:

% smbclient '\\stampy\public' mypass -U phoneyuser
added interface ip=132.177.137.23 bcast=132.177.139.255 nmask=255.255.252.0
Domain=[CENTERS] OS=[Unix] Server=[Samba 3.0.0]
smb: \> quit

Comment 1 Andrew Bartlett 2003-10-16 16:48:24 UTC

It is not possible to fix this, as the server will not tell us if the error was
bad password, or bad user.

Map to guest = 'bad password' should still work.

This is one of the many, very good reason why 'security=server' should never be
used.  Try 'security=domain' or 'security=ads' instead.

Comment 2 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:24:52 UTC

database cleanup