Quick tip – PROPERLY auto-mounting unprotected Windows shares in linux with full access

I’m mostly writing this to help myself when I need to do this again. This is how you mount a windows share at boot, with full write privileges.

ON WINDOWS
Share your folder
make sure the owner is set to “Everyone” and be sure to add “Anonymous” as a user with full access (when you type in Anonymous, it should correct to “ANONYMOUS LOGON”). This should be done in share permissions as well as folder permissions. Make sure folder is not read-only on windows.
GUEST ACCOUNT may need to be activated:
gpedit.msc -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options ->
Accounts: Guest account status: enabled -> REBOOT

ON LINUX

Make the folder to mount in
sudo mkdir /media/mountname

Now edit your Fstab file to set up the mounting
sudo nano /etc/fstab

add lines like this:
//192.168.1.XXX/ShareName /media/mountname cifs username=guest,password=,rw,uid=1000,gid=1000,dir_mode=0777,file_mode=0666,iocharset=utf8,sec=ntlm 0 2

The share address can be any valid UNC path. You can use hostname instead of IP if you want.

Explanation:

username=guest,password= – This is your login info for the share. Since the share accepts guest access we are using the guest user, which has no password (but you must define it blank or it will prompt for one)

rw – mounts the share with read/write permissions

uid=1000,gid=1000 – This sets the user and group info for the mountpoint folder. You can find what values you should use by typing id -u and id -g in the terminal.

dir_mode=0777,file_mode=0666 – This sets the standard access permission for the directory and files. 777 and 666 will give complete access to everything in these folders, by everyone.

iocharset=utf8 – This is a compatibility thing to properly support filenames with odd characters or other languages.

sec=ntlm – This is important. It’s the authentication protocol to use while mounting. NTLM is what most normal windows desktops will use by default. For more info about NTLM click here.

0 2 – These two numbers are order priorities. Basically the first one says if it needs to call sync before unmounting, which we don’t need. The second number is just which pass of mounting it will try to mount this in. Since /media (where our mountpoint is located) isn’t available until the root filesystem is mounted in pass 1, we need this to happen in pass 2. A 0 for the second number will still work because it keeps retrying every failed mount every pass until it works. But no reason to make it messy like that. so 0 2 is safe and clean for cifs.

Done! Go ahead and force a remount by typing sudo mount -v -a to (re)mount everything listed in your fstab file. (-v means verbose for feedback if it fails, -a means all)
Or you can just reboot. You should now see the share’s contents in the mountpoint you specified. And you should have full write privileges. If you dont, check the troubleshooting below.

Troubleshooting
If this doesnt work for you check all info then try:
smbclient //server/share -U guest
and leave password prompt empty and hit enter. If this gives an error then something on the windows side is wrong. If it works with smbclient, but doesn’t in fstab, probably your security type is wrong. check man mount.cifs – around line 327, to see other security options.

You can also try to use the mount command directly to test your options. Be sure your mountpoint is empty before mounting by running sudo umount -l /media/mountpoint
To mount our example share the command would be:
sudo mount -v -t cifs -o username=guest,password=,rw,uid=1000,gid=1000,dir_mode=0777,file_mode=0666,iocharset=utf8,sec=ntlm //192.168.1.XXX/ShareName /media/mountpoint
-v means verbose, -t means “type”, and -o is for listing options. Any errors here are the same errors you will get when automounting with fstab.

Leave a Reply