Samba - Guest Access from Windows

[jc5494126]

We have a samba server setup for user to access the server files from windows. We created a guest account for read-only access. I am working on adding a URL link into a portal page to open a file in server, but the annoying thing is that it prompts for username/password, I have to type in guest (no password is needed) to go through. The URL I am using is like file://server/dir/file, I am wondering whether I can somehow pass in the username of guest through the URL, so user will not get prompted.

Thanks.

[Segfault]

Welcome to the forums!

May I suggest out-of-box thinking? Why should ro access be thru Samba? Start up some lightweight HTTP server and that's it.

For instance webfs.

[jc5494126]

Thanks for the suggestion. Samba implementation is our enterprise wide solution, we use it for other purposes as well. I guess I can build a simple http solution, but I hope I can take advantage the existing Samba configuration we have here.

[HROAdmin26]

I believe in order to have a "completely open" share in Samba (guest access - no password), you have to use security = share in Samba. The default is security = user.

You can Google for more info.

From the RedHat link above:

With share-level security, the server accepts only a password without an explicit username from the client. The server expects a password for each share, independent of the username. There have been recent reports that Microsoft Windows clients have compatibility issues with share-level security servers. Samba developers strongly discourage use of share-level security.

I would agree that using Samba in this manner is *not* a good idea.

[jc5494126]

Actually we do have the security level set to user, that is why it prompts for username/password when user click the URL. We literally create a read-only user called guest with no password. What I'd like to see is somehow I can add something like "UserId=guest" to the URL, so user will not get prompted for the username/password.

[HROAdmin26]

If you have a question about Samba/server-side, maybe someone can help. But if your question is about manipulating the client-side, a Windows forum would be a better choice.

* Off the top of my head, no, I don't think there is any MSFT provision for a "username" in the "URL". (I put URL in quotation because it's not a URL.) MSFT expects you are talking to another *Windows* machine and thus will pass your logged-in credentials or else specify an account. You can use the Windows "net use" command via a script to authenticate first and then pop your "share" open. The script would be essentially "mapping a drive" first. A BAT file on the desktop or domain/login sequence could be used for this.

Code:

net use \\SERVER\SHARE <password> /USER:<username>

* You are passing a "URL" to the client that would only work for Windows clients - making your "portal" *not* compatible with anything else. And yet you're running a "mixed" environment with Samba servers? Seems contradictory...

* You could alternatively MOUNT the Samba share on your portal/webserver, and then change your webserver to allow it to pull files from the mounted share. Data would flow from Samba > Webserver > Client, but it would remove client compatibilty issues and the "URL" question.