Background:
I am setting up a Linux box for a local accounting office. The purpose of the box is to alleviate the threat of viruses that have access to the network via USB drives. Please keep in mind that this office needs the highest security possible. My configuration is attempting to leverage Samba to allow members of the already configured (and highly secure) Windows 2008 Server to access the Samba share. I have added the user name of each of the people who need to access the Linux box to the system but have not added passwords as the passwords on the Windows Server are required to change quite often. Attempting to manage a password database on the Linux box is to be avoided if at all possible.
Requirements:
- No password authentication required for logged-in Windows users to access Samba share.
- As little manipulation of current Windows security policies as possible.
- All users who access the share should have full read and write permissions (execute is NOT necessary).
Problem:
Currently, all attempts to connect to the Samba server by unauthenticated users is met with an error on the Windows side saying "Access to the resource {insert IP address} has been disallowed." Samba is running with the following smb.conf
file that I built from scratch:
[global]
workgroup = {Windows Domain Name}
server string = Removable Media Server
security = share
[media]
path = /media
writable = yes
browsable = yes
guest ok = yes
guest only = yes
force directory mode = 0666
force create mode = 0666
Samba version is 3.6.9. Samba's testparm
command returns no errors. I have always restarted the Samba server after making changes to the Samba configuration.
What I have tried:
In smb.conf
:
- Setting security to user.
- And just about every setting I have run across.
Other things of note:
The Samba share IS seen by the Windows domain and is actually accessible from a Windows administrator session.
One more thing: I am very new to Samba so please bear with me.