I sent this to the samba list but no luck. Does anyone know why a guest access is even generated so often and how to stop it?
RedHAt 8,0 samba 2.2.7-2 from redhat rpms. This box is a file server for approximately 45 XP clients and is fairly active. Windbind is used to authenticate users from the pdc for the domain DOMAIN and works swimmingly. Beats the pants off the NT4 box tht it replaced two weeks ago. More of an irritation than anything, but the winbindd log is filling with messages like this: [2003/02/26 14:42:41, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(121) user 'nobody' does not exist [2003/02/26 14:45:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(121) user 'nobody' does not exist "Hmmm" says I. "I wonder why nobody is trying to access this sever" so I did some looking through the docs and archives and found that the guest account defaults to nobody so I changed it to the guest account on the domain to see if that changed anything. Now the log is filling up with messages like this: [2003/02/26 17:38:28, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(121) user 'DOMAIN+GUEST' does not exist [2003/02/26 17:38:29, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(121) user 'DOMAIN+GUEST' does not exist Well this is progress since now we know it is indeed caused by guest logins. THe only reverence to guest in the smb.conf is what I added to day: The NT Administrator tells me that as a matter of policy guest has no rights on corporate shares, or did he tell me that it was disabled? Something like that. So we purposely left it out of smb.conf file. BTW getent finds guest ok [EMAIL PROTECTED] samba]# getent passwd|grep guest DOMAIN+Guest:x:10051:10003::/home/winnt/DOMAIN/guest:/bin/bash IIUC the default samba behavior is to disallow guest access anyway, so what is the deal? any ideas? the following is my smb.conf. # Samba config file created using SWAT # Modified 2003/02/13 # Date: 2003/02/04 08:56:20 # Global parameters [global] log file = /var/log/samba/%m.log passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 obey pam restrictions = Yes wins server = 10.0.0.229 domain master = No encrypt passwords = Yes winbind uid = 10000-20000 passwd program = /usr/bin/passwd %u template shell = /bin/bash dns proxy = No netbios name = SOLIN printing = lprng #added by BAH 20030226 guest account = DOMAIN+GUEST server string = SOLIN password server = SOCOMM winbind gid = 10000-20000 unix password sync = Yes template homedir = /home/winnt/%D/%U local master = No workgroup = DOMAIN security = domain preferred master = no winbind separator = + pam password change = Yes log level = 1 [homes] comment = Home Directories valid users = %S read only = No create mask = 0664 directory mask = 0775 browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [ADMIN] path = /admin read only = No browseable = No #valid users = @DOMAIN+Domain\ Users [APPS] path = /apps read only = No force create mode = 0774 force directory mode = 0774 [TEMP] path = /tmp read only = No Thanks Bret -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list