Home / server / Questions / 354791
Accepted
cdecker
Asked: 2012-01-30 09:31:30 +0800 CST

Samba share with guest access and authenticated users for write access

  • 772

I'm trying to get a shared folder to work. Everyone should have read access (preferably not even a password prompt should pop up when connecting with Windows), but a few selected users should be able to log in and have write access too.

So far I have the following configuration:

[global]
    server string = %h server
    security = SHARE
    obey pam restrictions = Yes
    pam password change = Yes
    unix password sync = Yes
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000

[shared]
    comment = Shared
    path = /shared
    write list = @users
    create mask = 0660
    directory mask = 0771
    guest ok = Yes

While this works nicely in allowing anonymous users to access the share (with the password prompt disabled), it will not allow me to connect with a authenticated user

smbclient //192.168.2.9/shared/
Enter cdecker's password: 
tree connect failed: NT_STATUS_ACCESS_DENIED

I also tried server-level security, but that required all users to be authenticated and the password prompt would bug the hell out of my users.

samba share read-only

1 Answers

  1. Best Answer

    man smb.conf:

    guest ok (S)

    If this parameter is yes for a service, then no password is required to connect to the service. Privileges will be those of the guest account.

    I suppose there is no way to accomplish what you want to have in this way. As a workaround, I would suggest defining another share without setting guest ok = yes and let the authenticating users connect there instead.

    [shared-auth]
    comment = Shared
    path = /shared
    write list = @users
    create mask = 0660
    directory mask = 0771
    • 4