Poisoned Dragon wrote:
I bypass authentication to a linux share by using this argument in smb.conf:
- Code: Select all
security = share
You know, share level security has been deprecated. It's been deprecated for about 5 years now however so I don't know when it will be but sooner or later it will be officially removed as an option. The developer in charge of this thing is getting more demonstrative is his objections to having it used:
Mon, 29 Mar 2010 12:54:26 -0700
Well you can replace security = share with the correct "map to guest"
options, so it really isn't useful in the way you think. Having said
that we haven't (yet) removed it, and I just refactored the code
that implements it, so it'll probably be around causing us trouble
for a while yet
Thu, 06 Oct 2011 12:03:27 -0700
"security = share" is
deprecated, please don't use it.
There's nothing that it does that can't be done
with normal user-level security.
In any event if everything else is working as designed the default settings in smb.conf ( for the non debian based Mint ) should handle this:
"security = user" + "map to guest = Bad User" = "security = share"
In Debian based mint there is no override for "map to guest" in smb.conf so the system defaults to "map to guest = Never" which just about eliminates any guest access for anonymous Windows clients. Windows made a design decision for reasons unknown that insists on transmitting the client users actual local login user name and password when it browses for shares. If that user has a corresponding samba username and password on the Linux server then he is authenticated even before attempting to access any specific share but if he does not then he is mapped to the guest account in normal Mint ( because he is a "Bad User" ) but rejected outright in Debian based Mint ( because of "Never" ) unless you add back the "Bad User" reference.
Now that I've ranted on though I too have no experience with Vista Enterprise but I'm beginning to think that there something different about it. If you look at his other post ( viewtopic.php?f=157&t=93542
) there's no problem is accessing his shares with WinXP - it's only Vista Enterprise. Maybe setting "security = share" will work ......