• November 11, 2019, 10:30:22 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: 1 2 3 [4] 5

Author Topic: Vote to reinstate anonymous shares while having access controlled folders  (Read 40248 times)

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717

Obviously, if it's not that simple, that might explain it...
Logged
Microsoft MVP - Windows Desktop Experience
Remember: Data you don't have two copies of is data you don't care about!
PS: RAID of any level is NOT a second copy.

Rodent

  • Level 3 Member
  • ***
  • Posts: 136

Obviously, if it's not that simple, that might explain it...

Of cause if itís not that simple, but than if itís not that simple a little explanation from D-Link could go a long way to curving there consumers anxiety.
Logged

vk

  • Level 2 Member
  • **
  • Posts: 25

Probably there are other tricks, but after I made that simple samba configuration change as I previously mentioned the network shares on my 1.08 box now works just like 1.07, I haven't changed it back ever since.

Of course there are drawbacks, that's why it's been changed in 1.08 at the first place, but for people who don't mind the drawbacks the old way of sharing actually works very well.
Logged

jolley

  • Guest

Can you remind me what the drawbacks are? Cheers.
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717

Probably there are other tricks, but after I made that simple samba configuration change as I previously mentioned the network shares on my 1.08 box now works just like 1.07, I haven't changed it back ever since.
How did you get the change to stick through reboots?
Logged
Microsoft MVP - Windows Desktop Experience
Remember: Data you don't have two copies of is data you don't care about!
PS: RAID of any level is NOT a second copy.

vk

  • Level 2 Member
  • **
  • Posts: 25

I created a fun_plug start up script named smbfix.sh to make this samba configuration change persist after reboot. The script itself is quite simple:

#!/ffp/bin/sh

# PROVIDE: smbfix
# REQUIRE: LOGIN

sed -i 's/^security = USER/security = SHARE/g' /etc/samba/smb.conf
smb restart


For people who are not familiar with Unix scripting, what this script does is simply replacing "security = USER" to "security = SHARE" in smb.conf file, then restart samba.

To make this script work I have Fonz funplug 0.5 installed, after that really the only thing I have to do is to drop this script to /ffp/start, then make it executable (run "chmod +x smbfix.sh").
Logged

vk

  • Level 2 Member
  • **
  • Posts: 25

Can you remind me what the drawbacks are? Cheers.
I believe D-Link could provide a much better answer on this, after all they weighed all the pros and cons and then made the switch in 1.08.

For me the only drawback is if I'm using different user name/password on Windows and nas, to access the password protected folders on nas I have to map them as network drives first, otherwise I cannot access them directly as a different user. Not really a big deal to me, since I have root folder mapped by default.

If you are using same credential on Windows and nas then everything would be transparent, likely you won't notice any difference.
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717

For me the only drawback is if I'm using different user name/password on Windows and nas, to access the password protected folders on nas I have to map them as network drives first, otherwise I cannot access them directly as a different user. Not really a big deal to me, since I have root folder mapped by default.


Can you clarify this?  I have a space in all my Windows login names, so I can't use the same name on the NAS, Linux apparently doesn't allow any spaces in the name.  Given that fact, I have a different user name for connecting to the NAS.

I don't may the network drives, I use network path specifications to access all the NAS boxes.  Under what scenario do you see this being an issue?  FWIW, it works fine now, but I just can't have anonymous shares with the password protected shares, that's all I'd like to change.
Logged
Microsoft MVP - Windows Desktop Experience
Remember: Data you don't have two copies of is data you don't care about!
PS: RAID of any level is NOT a second copy.

vk

  • Level 2 Member
  • **
  • Posts: 25

Here you can find a bit more explanation: http://wiki.dns323.info/howto:bettersamba#how_to_make_the_dns-323_work_with_unc_paths

Please be ware this particular section is talking about 1.03/1.04 firmware, which still applies till 1.07, but apparently had been changed in 1.08. For a matter of fact to resolve this issue it's recommending same Samba configuration change as D-Link did in 1.08 (probably D-Link got this idea from this wiki   ;D )

I didn't investigate more about this issue, one thing very obvious is in 1.07 style sharing while accessing Nas Windows asks password only,  user name field is grayed out, I guess which means if you are not using the user name that Windows assumes then likely you won't be able to log in (unless you map it as a network drive). On the other hand if you have only one user configured on Nas then it's possible that you won't see this issue, for me since I have multiple user accounts configured on my DNS-323 with different privilege I guess that's why I'm seeing this issue in 1.07 style sharing. Again, it doesn't really bother me much.

I still believe it's a good idea to make it configurable through web UI, really everyone has different needs, and really it's just a simple samba configuration change (please, correct me if I'm wrong).
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717

For me the only drawback is if I'm using different user name/password on Windows and nas, to access the password protected folders on nas I have to map them as network drives first, otherwise I cannot access them directly as a different user. Not really a big deal to me, since I have root folder mapped by default.
Hmm...  That would be a problem for me, I don't map the drives by default, I access them using network paths.

I've solved this issue by relegating the DNS-323 and DNS-321 as backups with only one user accessing them.  The main box for multiple users now is a Synology DS209, it allows public folders, spaces in the Windows login name, etc.  Mixing anonymous and password protected shares work the same as a Windows SMB share with this box.
Logged
Microsoft MVP - Windows Desktop Experience
Remember: Data you don't have two copies of is data you don't care about!
PS: RAID of any level is NOT a second copy.

UnTroll

  • Level 1 Member
  • *
  • Posts: 1

Why not adding a configuration in the NETWORK ACCESS page to choose which version of NTLM the user wants to use? You just have to explain the limitations of each version of NTLM and the user will choose.
Logged

AKFubar

  • Level 3 Member
  • ***
  • Posts: 118

I vote YES !
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717

I still believe it's a good idea to make it configurable through web UI, really everyone has different needs, and really it's just a simple samba configuration change (please, correct me if I'm wrong).

The obvious question is, what exactly would I change in the SAMBA configuration file to fix this. :)  Accessing the file isn't the issue, but I don't know exactly how to get back to the way it was...
Logged
Microsoft MVP - Windows Desktop Experience
Remember: Data you don't have two copies of is data you don't care about!
PS: RAID of any level is NOT a second copy.

dosborne

  • Level 5 Member
  • *****
  • Posts: 598

There is of course one possible solution, have one DNS323 open for public consumption and one locked down. That's how I run mine. I do feel it should be a user decision, but there are ways around it.
Logged
3 x DNS-323 with 2 x 2TB WD Drives each for a total of 12 TB Storage and Backup. Running DLink Firmware v1.08 and Fonz Fun Plug (FFP) v0.5 for improved software support.
Pages: 1 2 3 [4] 5