Skip to main content

Configuring the guest Linux user

Configuring the guest Linux user option means that users who log in from untrusted domains are mapped to the guest Linux user and can connect to the CIFS server. Alternatively, if you want authentication of users from untrusted domains to fail, you should not configure the guest Linux user. The default is to not allow users from untrusted domains to connect to the CIFS server (the guest Linux account is not configured).

About this task

You should keep the following in mind when configuring the guest Linux account:

  • If the CIFS server cannot authenticate the user against a domain controller for the home domain or a trusted domain or the local database and this option is enabled, the CIFS server considers the user as a guest user and maps the user to the specified Linux user.

  • If this option is set to a null string, the guest Linux user is disabled.

  • You must create a Linux user to use as the guest Linux user in one of the storage virtual machine (SVM) name service databases.

  • A user logged in as a guest user is automatically is a member of the BUILTIN\guests group on the CIFS server.

  • The 'homedirs-public' option applies only to authenticated users. A user logged in as a guest user does not have a home directory and cannot access other users' home directories.

  1. Perform one of the following actions:
    If you want to...Enter...
    Configure the guest Linux uservserver cifs options modify -guest-unix-user unix_name
    Disable the guest Linux uservserver cifs options modify -guest-unix-user ""

    Example

    vserver cifs options modify -guest-unix-user pcuser
  2. Verify that the guest Linux user is configured correctly: vserver cifs options show -vserver vserver_name

    Example

    In the following example, both the default Linux user and the guest Linux user on SVM vs1 are configured to use Linux user pcuser:

    vserver cifs options show -vserver vs1
    Vserver: vs1

    Client Session Timeout : 900
    Default Unix Group : -
    Default UNIX User : pcuser
    Guest UNIX User : pcuser
    Read Grants Exec : disabled
    Read Only Delete : disabled
    WINS Servers : -