After battling Samba configuration across multiple platforms for years, I've finally cracked the code for creating truly public shares. Here's the definitive guide that actually works.
For a completely open share, your smb.conf needs these essential parameters:
[global]
workgroup = WORKGROUP
server string = %h server (Samba, Ubuntu)
security = user
map to guest = Bad User
guest account = nobody
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
passdb backend = tdbsam
usershare allow guests = yes
[public]
path = /media/shared
browsable = yes
writable = yes
guest ok = yes
read only = no
create mask = 0777
directory mask = 0777
force user = nobody
force group = nogroup
When dealing with NTFS partitions (common in Windows migrations), add these mount options to your /etc/fstab:
/dev/sdb1 /media/disk1 ntfs-3g defaults,permissions,noatime,uid=65534,gid=65534 0 0
The uid/gid 65534 typically maps to 'nobody/nogroup'. Verify with:
id nobody
For Windows 7+ clients that still prompt for credentials, try these registry tweaks:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"AllowInsecureGuestAuth"=dword:00000001
When troubleshooting, always check:
testparm -s
smbstatus
tail -f /var/log/samba/log.*
Ensure your shared directories have correct permissions:
chmod -R 777 /media/disk1
chown -R nobody:nogroup /media/disk1
Remember that Samba permissions combine both filesystem ACLs and Samba configuration rules.
After wrestling with Samba configurations across multiple platforms for years, I've finally cracked the code for creating truly public shares. The standard documentation often misses critical details when dealing with mixed Linux/Windows environments and NTFS-formatted drives.
The complete solution requires attention to four key areas in your smb.conf:
[global]
workgroup = WORKGROUP
security = user
map to guest = Bad User
guest account = nobody
unix extensions = no
ntlm auth = yes
client ntlmv2 auth = yes
[public]
path = /media/shared
browsable = yes
writable = yes
guest ok = yes
guest only = yes
create mask = 0777
directory mask = 0777
force user = nobody
force group = nogroupWhen sharing NTFS partitions from Linux:
# Edit /etc/fstab for proper NTFS mounting:
/dev/sda1 /media/disk1 ntfs-3g defaults,permissions,noatime,uid=nobody,gid=nogroup 0 0For Windows 7/10 clients, ensure these registry settings (create a .reg file):
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"AllowInsecureGuestAuth"=dword:00000001Run these commands to verify your setup:
# Check Samba configuration
testparm -v
# Monitor real-time access
sudo tail -f /var/log/samba/log.*
# Test from Linux client
smbclient -L //homeserv -U%For mixed RWX permissions on NTFS:
[disk1]
path = /media/disk1
force create mode = 0777
force directory mode = 0777
inherit permissions = yes
inherit owner = yes
store dos attributes = yes
vfs objects = catia fruit streams_xattrAfter implementing all changes:
- Restart services:
sudo service smbd restart && sudo service nmbd restart - Unmount and remount NTFS partitions
- Clear client-side credentials (especially on Windows)