I was trying to set up Samba file sharing in the office. It works somehow but there are two things I don’t quite happy about.
- The setting I tried uses the “share” as the security setting which is deprecated.
- When the user click on a password protected folder, the user name is pre-filled in Windows XP and is grey out, not allowing to change.
After searching in the Internet more deeply I found this post which solved my problems.
Below are the summary of what I have done.
- Set up Samba file sharing
- Allow no-login listing of shared resources (That is, able to access \\192.168.1.1 without entering any password)
- Allow no-login access of specified resources
- Allow login access of restricted resources
- Avoid the use of the deprecated “share” security setting
Edit 2013-06-18: While I was trying to answer a comment from the reader on this post, I went thought the Samba documentation and tried on my new Raspberry Pi (at the time I wrote this article I was setting up Samba on Red Hat 5). I found out that a file and some options are actually not necessary and therefore I have strike through those parts in this update.
In /etc/samba/smbusers, editing the file with the present of the following line. This create a user name mapping between SMB user name (guest) and Linux user name (nobody). nobody = guest
- In the [global] section of /etc/smb.conf, do the following
- Set the security to user, by including the line security = user
- Set on invalid user login information, map the login to SMB guest account, by including the line Map to guest = Bad User
Make sure the previous SMB to Linux user name mapping is in effect by including the line username map = /etc/samba/smbusers
- Allow no-login user to list shared resources by including guest ok = yes to the resources you want to be public
- For each shared resources, add a section in /etc/smb.conf. If it is password protected, remember to include the line valid users = authenticated_user under the section.
[global] workgroup = workgroup server string = MY-SERVER security = user passdb backend = tdbsam cups options = raw map to guest = Bad User
username map = /etc/samba/smbusersguest ok = yes [tom_password_protected_folder] path = /share/tom writeable = yes valid users = tom [no_password_folder] path = /share/nobody writeable = yes
- Samba configuration file (smb.conf) documentation: http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html