Guest CIFS Share Not Working

[brk9422]

I have a few different shares set up on my 9.10 box. They all appear to be working fine, with the exception of the "guest" share always prompts for credentials. When looking at the documentation it mentions to use the Wizard (is it not possible to modify some of these attributes after the share is already created? like the owner) to create a new share and then to chose "nobody" as the owner. When in this screen however I only see "root" as a user to select and no others. I ensured that the "allow guest access" and "only allow guest access" options are enabled/selected in my configuration. Everything else is pretty much the same as my other CIFS shares. I want to keep those the same but have this share open to my entire 192.168.0.x network and to not prompt for any credentials when a user browses to it.

Please let me know if you need any additional information. Thanks in advance.

 

[anodos]

I have a few different shares set up on my 9.10 box. They all appear to be working fine, with the exception of the "guest" share always prompts for credentials. When looking at the documentation it mentions to use the Wizard (is it not possible to modify some of these attributes after the share is already created? like the owner) to create a new share and then to chose "nobody" as the owner. When in this screen however I only see "root" as a user to select and no others. I ensured that the "allow guest access" and "only allow guest access" options are enabled/selected in my configuration. Everything else is pretty much the same as my other CIFS shares. I want to keep those the same but have this share open to my entire 192.168.0.x network and to not prompt for any credentials when a user browses to it.

Please let me know if you need any additional information. Thanks in advance.

Post contents of /usr/local/etc/smb4.conf

 

[brk9422]

sure: (public is the one that I want to be for guests while "bradsstuff" is to be locked) I assume aside from this issue everything is set up correctly...that being said if you find other issues or have recommendations please feel free to include them! thanks!

Code:

[global]																															
	server max protocol = SMB3																									 
	interfaces = 127.0.0.1 192.168.0.105																							
	bind interfaces only = yes																									 
	encrypt passwords = yes																										 
	dns proxy = no																												 
	strict locking = no																											 
	oplocks = yes																												   
	deadtime = 15																												   
	max log size = 51200																											
	max open files = 227666																										 
	logging = file																												 
	load printers = no																											 
	printing = bsd																												 
	printcap name = /dev/null																									   
	disable spoolss = yes																										   
	getwd cache = yes																											   
	guest account = guest																										   
	map to guest = Bad User																										 
	obey pam restrictions = yes																									 
	directory name cache size = 0																								   
	kernel change notify = no																									   
	panic action = /usr/local/libexec/samba/samba-backtrace																		 
	nsupdate command = /usr/local/bin/samba-nsupdate -g																			 
	server string = FreeNAS Server																								 
	ea support = yes																												
	store dos attributes = yes																									 
	lm announce = yes																											   
	time server = yes																											   
	null passwords = yes																											
	acl allow execute always = true																								 
	dos filemode = yes																											 
	multicast dns register = yes																									
	domain logons = no																											 
	local master = yes																											 
	idmap config *: backend = tdb																								   
	idmap config *: range = 90000001-100000000																					 
	server role = standalone																										
	netbios name = MARS																											 
	workgroup = MILKYWAY																											
	security = user																												 
	pid directory = /var/run/samba																								 
	create mask = 0666																											 
	directory mask = 0777																										   
	client ntlmv2 auth = yes																										
	dos charset = CP437																											 
	unix charset = UTF-8																											
	log level = 1	
																																   
[bradsStuff]																														
	path = /mnt/mars/bradsStuff																									 
	printable = no																												 
	veto files = /.snapshot/.windows/.mac/.zfs/																					 
	writeable = yes																												 
	browseable = no																												 
	recycle:repository = .recycle/%U																								
	recycle:keeptree = yes																										 
	recycle:versions = yes																										 
	recycle:touch = yes																											 
	recycle:directory_mode = 0777																								   
	recycle:subdir_mode = 0700																									 
	vfs objects = zfs_space zfsacl streams_xattr recycle aio_pthread																
	hide dot files = no																											 
	hosts allow = 192.168.0.100 192.168.0.110 192.168.0.124																		 
	guest ok = no																												   
	nfs4:mode = special																											 
	nfs4:acedup = merge																											 
	nfs4:chown = true																											   
	zfsacl:acesort = dontcare																									   
																																	
																																	
[homes]																															 
	valid users = %U																												
	path = /mnt/mars/%U																											 
	comment = Home Directories																									 
	printable = no																												 
	veto files = /.snapshot/.windows/.mac/.zfs/																					 
	writeable = yes																												 
	browseable = no																												 
	vfs objects = zfs_space zfsacl streams_xattr aio_pthread																		
	hide dot files = yes																											
	guest ok = no																												   
	nfs4:mode = special																											 
	nfs4:acedup = merge																											 
	nfs4:chown = true																											   
	zfsacl:acesort = dontcare																									   
																																	
																																	
[public]																															
	path = /mnt/mars/public																										 
	printable = no																												 
	veto files = /.snapshot/.windows/.mac/.zfs/																					 
	writeable = yes																												 
	browseable = yes																												
	recycle:repository = .recycle/%U																								
	recycle:keeptree = yes																										 
	recycle:versions = yes																										 
	recycle:touch = yes																											 
	recycle:directory_mode = 0777																								   
	recycle:subdir_mode = 0700																									 
	vfs objects = zfs_space zfsacl streams_xattr recycle aio_pthread																
	hide dot files = no																											 
	hosts allow = 192.168.0.0/24																									
	guest ok = yes																												 
	guest only = yes																												
	nfs4:mode = special																											 
	nfs4:acedup = merge																											 
	nfs4:chown = true																											   
	zfsacl:acesort = dontcare																											
			 

 

[anodos]

Your guest user is set to "guest". You should change permissions of the guest share so that it is owned by "guest" as well.

 

[brk9422]

Can i do that from the file? I dont see the option to set that in the GUI. Will that prevent it from coming back with a credentials box or would I put in "guest" with no domain and leave the password blank?

 

[anodos]

Can i do that from the file? I dont see the option to set that in the GUI. Will that prevent it from coming back with a credentials box or would I put in "guest" with no domain and leave the password blank?

You change the owner of the dataset through the FreeNAS webui under Storage -> Volumes.

 

[brk9422]

Can i do that from the file? I dont see the option to set that in the GUI. Will that prevent it from coming back with a credentials box or would I put in "guest" with no domain and leave the password blank?

I found where to change the owner and set that to guest and set it to apply recursively. The machine I am using still prompts for an account so I am going to try a different one and report back.

 

[brk9422]

I think I might have an issue with it caching credentials now. My personal laptop doesnt prompt for creds probably because in order to get to "public" I would have to login with my brad account. That behavior seems to be same if the creds are cached. When I try to access it from my work laptop it always prompts for credentials and then has me select a certificate for some reason. I am thinking the share is set up properly now but not sure if I am trying to access these incorrectly or something now....all I do is go to my computer and use \\ip address\public which then prompts for credentials. If I input the ones for brad it takes me in. Is it possible that there is a parent share or something set up and that is causing the issue or I just need to restart a service or something?

Any further help would be greatly appreciated. Thanks!

 

[brk9422]

My work laptop is connected to a domain but I always prefix with \ so that it does not authenticate to the domain in case that matters. I would like to be able to clear my cache on my personal machine for testing purposes (concerned about it not prompting for credentials on the bradsstuff share...but maybe that is because of the IP address it is using).