Specifying "guest ok = no / map to guest = never" is reasonable. The original decision to permit guest logins was mine, dating back to the old days when most customers were using Windows 95/98 and "logging in" by hitting the escape key :-)
The original version of the server software did not have individual user home directories (or groups, or i-bays, etc.) Instead, there were four fixed-purpose file-sharing areas (e.g. one for the administrator to distribute files to all local users, another for use as a public "sandbox", and so on.) In that environment, allowing unauthenticated guest access made sense. But times have (thankfully) changed. - Joe, historian-in-residence :-) Darrell May wrote: > > Michael Doerner <[EMAIL PROTECTED]> said: > > > I always change the following 2 parameters in smb.conf (in the > > template) to avoid all that: > > > > guest ok = no > > map to guest = never > > That sounds like a good idea given the fact that access to 'everyone' > shares would be permitted by bogus logins. This should be changed in the > templates-custom fragment: > > [11guestOK] > guest ok = no > map to guest = never > > Everyone agree? Anyone disagree? Any other changes come to mind? > > Regards, > > -- > Darrell May > DMC Netsourced.com > http://netsourced.com > http://myEZserver.com -- Joseph Morrison, AVP Technology Strategy +1 613 368 4399 Network Server Solutions Group [EMAIL PROTECTED] Mitel Networks, Ottawa, Canada http://www.mitel.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
