Web lists-archives.com

Re: [Samba] SMB Signing with "map to guest = " options




On Wed, 13 Feb 2019 23:58:57 -0600 (CST)
shivappa Sangapur via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hi,
> 
> I'm using samba-4.7.x
> I have some confusions over "map to guest=" options with setting SMB
> Signing 1. Set "*Server signing =auto*", "*map to guest=bad uid*" and
> set "client signing in windows 2k12 server group policy" to
> "Microsoft network client: Digitally sign communications (Always)” =
> *Disable*" SMB_Server is joined to Windows 2k12 Active Directory with
> user01. Windows PC is logged to windows 2k12 Activer Directory with
> user02. I login to share of my SMB_Server from Windows client
> PC(where i logged with user02),* it opens shares *without any popup
> on client PC. Here NO signing is done.
> 
> 2. Set "*Server signing =auto*", "*map to guest=bad uid*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Enable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with user02),* it fails to open shares.*
> Here Signing is done but fails to open
> 
> 3. Set "*Server signing =auto*", "*map to guest=never*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Disable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with *user02*),* it popups to enter credentials, after
> providing the use01 only the shares opens*on client PC.
> Here NO Signing.
> 
> 4. Set "*Server signing =auto*", "*map to guest=never*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Enable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with user02),* it popups to enter credentials, after providing
> the use01 only the shares opens*on client PC. (I know that only
> user01 is added in samba db) Here, signing is done.
> 
> 5. Set "*Server signing =mandatory*", "*map to guest=bad uid*" and set
> "client signing in windows 2k12 server group policy" to "Microsoft
> network client: Digitally sign communications (Always)” = *Enable*"
> SMB_Server is joined to Windows 2k12 Active Directory with user01.
> Windows PC is logged to windows 2k12 Activer Directory with user02.
> I login to share of my SMB_Server from Windows client PC(where i
> logged with user02),* it fails to open shares.*
> Here Signing is done but fails to open
> 
> 
> I want to understand why in case of *#2 and #5* it is not opening
> shares of my smb-4.7.x shares,
> 

Please post your smb.conf

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba