Configure the guest UNIX user
Configuring the guest UNIX user option means that users who log in from untrusted domains are mapped to the guest UNIX user and can connect to the CIFS server. Alternatively, if you want authentication of users from untrusted domains to fail, you should not configure the guest UNIX user. The default is to not allow users from untrusted domains to connect to the CIFS server (the guest UNIX account is not configured).
You should keep the following in mind when configuring the guest UNIX account:
-
If the CIFS server cannot authenticate the user against a domain controller for the home domain or a trusted domain or the local database and this option is enabled, the CIFS server considers the user as a guest user and maps the user to the specified UNIX user.
-
If this option is set to a null string, the guest UNIX user is disabled.
-
You must create a UNIX user to use as the guest UNIX user in one of the storage virtual machine (SVM) name service databases.
-
A user logged in as a guest user is automatically is a member of the BUILTIN\guests group on the CIFS server.
-
The 'homedirs-public' option applies only to authenticated users. A user logged in as a guest user does not have a home directory and cannot access other users' home directories.
-
Perform one of the following actions:
If you want to… Enter… Configure the guest UNIX user
vserver cifs options modify -guest-unix-user unix_name
Disable the guest UNIX user
vserver cifs options modify -guest-unix-user ""
vserver cifs options modify -guest-unix-user pcuser
-
Verify that the guest UNIX user is configured correctly:
vserver cifs options show -vserver vserver_name
In the following example, both the default UNIX user and the guest UNIX user on SVM vs1 are configured to use UNIX user “pcuser”:
vserver cifs options show -vserver vs1
Vserver: vs1 Client Session Timeout : 900 Default Unix Group : - Default Unix User : pcuser Guest Unix User : pcuser Read Grants Exec : disabled Read Only Delete : disabled WINS Servers : -