On 17/11/14 14:55, John Cobley wrote:> Hi All,
>
> Hopefully someone can help here.
>
> I'm being asked for user name and password when I try to connect
> directly to the share from computers that are not on the managed domain.
>
> My config (the relevant parts) -
>> [global]
>> server role = active directory domain controller
>> map to guest = Bad User
>> map untrusted to domain = yes
>> security = user
>> guest account = nobody
>>
>> [admin]
>> path = /afs/comtek.co.uk/admin
>> read only = yes
>> comment = Read only access to AFS admin directory
>> #nt acl support = yes
>> force user = root
>> guest ok = yes
>> browsable = yes
>> guest only = yes
> If I run "smbclient //empire.chester-dc.comtek.co.uk/admin
-Udsfsdf"
> on a server that is also not on the domain it asks me for the
> password, I hit enter and I get "Anonymous login successful" and
I'm
> able to browse the directory.
>
> I'm using 4.1.11-Debian if it helps.
>
> Anyone got any ideas?
>
> Regards,
>
> John
>
Hi, it is not recommended to use the AD DC as a fileserver, see here:
https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Further_Documentation
Particularly the 'Introduction' section.
One of the reasons is the problem that you are having.
Rowland