I believe the OP wants a solution for his variation of config which should work but it does not.
I can only share my experience with upgrade to version 3.4.5. It was a test upgrade so I did not log every change I did on server. However I was receiving the same error and I did the following: 1. Added 'username map = /etc/samba/private/smbpasswd' to smb.conf /etc/samba/private/smbpasswd looks like this: username:10001:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:3C480B57F58C3C0D7CD4893457944DEA:[U ]:LCT-4B6F029F: 2. I re-ran the smbpasswd command for username I was testing with. After that, smbclient was again able to connect to server. Hope this helps, b. On 8 February 2010 10:58, Michael Wood <esiot...@gmail.com> wrote: > On 8 February 2010 11:12, Alexandru Florescu <a...@acasa.ro> wrote: >> >>>> I want to achieve the following setup: >>>> >>>> - have a share that is read-only and accessible for guest users; >>>> >>>> - have the same share be modified by an authenticated specific user. >>>> >>>> This is running on debian lenny, samba 3.2.5. >>>> >>>> My smb.conf is as follows: >>>> >>>> [global] >>>> workgroup = WORKGROUP >>>> netbios name = cast >>>> remote announce = 192.168.1.99/WORKGROUP >>>> server string = %h server >>>> dns proxy = no >>>> interfaces = eth0 >>>> hosts allow = 192.168.1.0/24 >>>> username map = /etc/samba/usermap >>>> security = share >> >>>I don't think you want "security = share". >> >> But I do want security = share. > > I am not sure that you can do what you are trying to do if you use > "security = share". > > The smb.conf man page says various things about the possible options > for the "security" parameter including: > > If your PCs use usernames that are the same as their usernames on > the UNIX machine then you will want to use security = user. If you > mostly use usernames that don´t exist on the UNIX box then use > security = share. > > It also says that it is more difficult to set up a share that does not > require a password if you use security = user, but says that if you do > need that you should look into the "map to guest" parameter. > > In the "SECURITY = USER" section it says that in this mode users MUST > first authenticate before accessing the share. This seems to imply > that guest shares would not be possible, but it goes on to say: > > Note that the name of the resource being requested is not sent to > the server until after the server has successfully authenticated > the client. This is why guest shares don´t work in user level > security without allowing the server to automatically map unknown > users into the guest account. See the map to guest parameter for > details on doing this. > > in other words, it is possible, but you must use the "map to guest" parameter. > > So I think you need to do the following: > > security = user > > guest user = someuser # This should be a local user with read-only > access to /var/workplace. > > map to guest = Bad User # I think this is probably the right one. See > the man page. > > Then in the [workplace] share, add: > > guest only = yes > > Note, I am NOT a Samba expert and I have not tried the above, but it > seems, from reading the man page, that it should work. > > By the way, you have some redundancy in your config. e.g. "guest ok" > is the same as "public" so you don't need to specify both. Also, > "read only" is the opposite of "writable" so again you don't need > both. > > Another thing: "admin users" specifies a list of users who will > effectively be "root" when accessing the share. That seems dangerous > to me, but also, the man page says: > > This parameter will not work with the security = share in Samba > 3.0. This is by design. > > I hope this helps. > > -- > Michael Wood <esiot...@gmail.com> > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba