1. Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.4
  2. Setting Up an Oracle Solaris SMB Server to Manage and Share Files
  3. Managing SMB Shares
  4. Managing SMB Shares (Task Map)
  5. Enabling Guest Access

Enabling Guest Access

When you have guest access to a share, you are permitted access to the share even if you are not a regular user of the system. You do not need to present credentials for authentication to gain access to that share.

The SMB server uses the guestok share property to specify whether guest access is permitted for a given share. By default, guest access is disabled. To enable guest access set the guestok property to on.

If you attempt a connection to an SMB server without an account name or a valid account, the request is interpreted as a guest connection. Such a connection is not authenticated unless the guest account has a password. Windows systems typically use a predefined local account called Guest to represent guest connections although this account can be renamed. In the Oracle Solaris OS, you can define an idmap name-based rule to map the Guest Windows user to any local Oracle Solaris user name, such as guest or nobody.

The following command creates a name-based mapping between the Windows user, Guest, and the Oracle Solaris user, guest: 

$ idmap add winname:Guest unixuser:guest

If the local account has an SMB password in the /var/smb/smbpasswd file, the guest connection is authenticated against that password. Any connection over SMB that is made by using an account that maps to the local guest account is designated as a guest connection. In the absence of an idmap rule for Guest, an ephemeral ID is generated for this Windows account by the idmap service.