[Samba] Disable AD checking per share in smb.conf [sec=unclassified]

Hi,


Is it possible to have non-authenticating shares on an server with security­S ?


I have a RHEL server, with Centrify Express, and joined to a domain, but I would
like to have a samba share that doesn't request a username/password for machines
not on the domain.


When I have a plain windows XP machine (not on the domain) attempt to connect, I
get asked for a username/password.

Is this possible? (to have a public share) whilst also having shares that use AD
usernames for other users.

I'm using

CentrifyDC-adbindproxy-4.5.1-504.i386
CentrifyDC-5.0.1-177.i386
CentrifyDC-samba-3.5.9-4.5.1.504.i386
CentrifyDC-openssh-5.9p1-4.5.2.534.i386


Regards
Kym




[global]
security = ADS
realm = XXXX
workgroup = XXXX
netbios name = XXX
server string = Science Technical Support - Development Server

auth methods = guest, sam, winbind, ntdomain
machine password timeout = 0
passdb backend = tdbsam:/etc/samba/private/passdb.tdb

#
# Using kerberos keytab may lead to a serious Samba crash.
# Centrify recommends against using it.
# Kerberos authentication is still supported without it.
#
use kerberos keytab = No
client use spnego principal = true

# If your Samba server only serves to Windows systems, try server signing =
mandatory.
server signing = auto

template shell = /bin/bash

winbind use default domain = Yes

winbind enum users = No
winbind enum groups = No
winbind nested groups = Yes

ignore syssetgroups error = No

idmap uid = 1000 - 200000000
idmap gid = 1000 - 200000000

enable core files = false

# Disable Logging to syslog, and only write log to Samba standard log files.

syslog = 0

guest account = nobody
map to guest = Bad Uid

[samba-test]
path = /samba-test
guest ok = yes
read only = yes
browseable = yes
force user = nobody
force group = nobody



Kym B Newbery, Science Technical Support Electronics Design Engineer
Australian Antarctic Division 203 Channel Highway, Kingston, TASMANIA, 7050.
PHONE +61 3 6232 3329 FAX +61 3 6232 3351


___________________________________________________________________________

Australian Antarctic Division - Commonwealth of Australia
IMPORTANT: This transmission is intended for the addressee only. If you are not the
intended recipient, you are notified that use or dissemination of this communication is
strictly prohibited by Commonwealth law. If you have received this transmission in error,
please notify the sender immediately by e-mail or by telephoning +61 3 6232 3209 and
DELETE the message.
Visit our web site at http://www.antarctica.gov.au/
___________________________________________________________________________
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba