Windows 사용자가 syslog 서버("littleEngineer")의 일부 로그 파일에 액세스할 수 있도록 구성된 비교적 새로운 삼바 설치가 있습니다. 그러나 access가 있는 공유 목록을 가져오려면 비밀번호를 묻는 메시지가 표시됩니다. \\littleEngineer\사용자가 보안 공유에 액세스하려고 할 때만 비밀번호를 묻는 메시지가 표시되도록 이 동작을 비활성화할 수 있는 방법이 있습니까?
이것은 내 testparm결과입니다.
root@littleEngineer /var/log/samba $ testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Processing section "[aviationLogs]"
WARNING: The security=share option is deprecated
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = BIZCO
realm = BIZCO.COM
server string = Samba Server Version %v
security = SHARE
password server = BIZCO.COM
log file = /var/log/samba/log.%m
max log size = 50
utmp = Yes
template shell = /bin/bash
winbind use default domain = Yes
idmap config * : range = 16777216-33554431
idmap config * : backend = tdb
cups options = raw
[aviationLogs]
comment = Apache httpd Log Files (Access and Error)
path = /var/log/central-logs/aviation
force user = root
guest ok = Yes
편집하다:
클라이언트: Windows 7 SP1 클라이언트 컴퓨터는 VPN을 통해 고객의 로컬 네트워크에 연결되지만 AD 도메인의 일부는 아닙니다. 내 노트북이 Fuzzypants.com 도메인의 일부라고 가정하면 Samba는 Bizco.com(우리 클라이언트)에 대해 구성됩니다.
log.%m공유를 선택하고 프롬프트에서 "취소"를 클릭했을 때 부터 :
[2014/08/13 21:56:28.812088, 3] lib/access.c:338(allow_access)
Allowed connection from xxx.xxx.28.194 (xxx.xxx.28.194)
[2014/08/13 21:56:28.812201, 3] smbd/oplock.c:922(init_oplocks)
init_oplocks: initializing messages.
[2014/08/13 21:56:28.812372, 3] smbd/oplock_linux.c:226(linux_init_kernel_oplocks)
Linux kernel oplocks enabled
[2014/08/13 21:56:28.812519, 3] smbd/process.c:1662(process_smb)
Transaction 0 of length 159 (0 toread)
[2014/08/13 21:56:28.812569, 3] smbd/process.c:1467(switch_message)
switch message SMBnegprot (pid 2467) conn 0x0
[2014/08/13 21:56:28.813049, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2014/08/13 21:56:28.813104, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [LANMAN1.0]
[2014/08/13 21:56:28.813143, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [Windows for Workgroups 3.1a]
[2014/08/13 21:56:28.813177, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [LM1.2X002]
[2014/08/13 21:56:28.813212, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [LANMAN2.1]
[2014/08/13 21:56:28.813247, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NT LM 0.12]
[2014/08/13 21:56:28.813315, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [SMB 2.002]
[2014/08/13 21:56:28.813350, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [SMB 2.???]
[2014/08/13 21:56:28.813514, 3] smbd/negprot.c:401(reply_nt1)
not using SPNEGO
[2014/08/13 21:56:28.813553, 3] smbd/negprot.c:704(reply_negprot)
Selected protocol NT LM 0.12
[2014/08/13 21:56:46.975628, 1] smbd/process.c:457(receive_smb_talloc)
receive_smb_raw_talloc failed for client xxx.xxx.28.194 read error = NT_STATUS_CONNECTION_RESET.
[2014/08/13 21:56:46.975865, 3] smbd/server_exit.c:181(exit_server_common)
Server exit (failed to receive smb request)
성공적인 인증에 대한 로그 출력을 제공할 수 있지만 그다지 유익하지 않을 수 있습니다.
편집 #2
마지막 로그에는 정보가 없으므로 로그인 프롬프트를 전달하고 check_ntlm_password보기 시작하라는 메시지가 표시됩니다 log.%m.
[2014/08/14 12:33:59.988239, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user []\[]@[] with the new password interface
[2014/08/14 12:33:59.988274, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: mapped user is: []\[]@[]
[2014/08/14 12:33:59.988328, 3] auth/auth.c:268(check_ntlm_password)
check_ntlm_password: guest authentication for user [] succeeded
[2014/08/14 12:33:59.988379, 3] smbd/process.c:1467(switch_message)
switch message SMBtconX (pid 6290) conn 0x0
[2014/08/14 12:33:59.988450, 3] lib/access.c:338(allow_access)
Allowed connection from XXX.XXX.29.76 (XXX.XXX.29.76)
[2014/08/14 12:33:59.988613, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [bizco]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.988651, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.988735, 3] auth/check_samsec.c:399(check_sam_security)
check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.988772, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.988819, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [BIZCO]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.988853, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.988927, 3] auth/check_samsec.c:399(check_sam_security)
check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.988964, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.989005, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [BIZCO]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.989039, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.989092, 3] auth/check_samsec.c:399(check_sam_security)
check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.989126, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.989167, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [BIZCO]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.989201, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.989253, 3] auth/check_samsec.c:399(check_sam_security)
check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.989286, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.989359, 3] smbd/password.c:721(authorise_login)
authorise_login: ACCEPTED: guest account and guest ok (root)
[2014/08/14 12:33:59.989566, 3] passdb/lookup_sid.c:1754(get_primary_group_sid)
Forcing Primary Group to 'Domain Users' for root
[2014/08/14 12:33:59.989752, 3] smbd/service.c:872(make_connection_snum)
Connect path is '/tmp' for service [IPC$]