[Samba] share not working
jillelaine
jillelaine01 at gmail.com
Wed Nov 27 16:12:20 UTC 2019
On 11/27/19 12:44 AM, Rowland penny via samba wrote:
> On 26/11/2019 22:54, jillelaine via samba wrote:
>> I have a small home network with server and 5 clients all on an
>> internal LAN with private IPs.
>>
>> Samba, Version 4.7.6-Ubuntu, file sharing is not working on the server
>> for any of the 5 clients. I have tried both mount.cifs and smbclient.
>> The same errors are thrown in the server's samba logs for all
>> connection attempts, regardless of how the client tries to connect:
>> getpwuid(1000) failed, Failed to finalize nt token &
>> NT_STATUS_UNSUCCESSFUL
>>
>> Below is some data. Please tell me what else is needed to help
>> diagnose this problem. Thank you for your help.
>> ---------------------------
>> SERVER - jazz
>> Kubuntu VERSION="18.04.3 LTS (Bionic Beaver)"
>> Samba, Version 4.7.6-Ubuntu
>>
>> Shared directory 'samba' and permissions
>> drwxr-xr-x 4 root sambashare 4096 Nov 25 16:04 samba
>> --------------------------
>> Contents of 'samba' directory
>> drwxr-xr-x 4 root sambashare 4096 Nov 25 16:04 .
>> drwxr-xr-x 25 root root 4096 Nov 25 15:57 ..
>> drwxrws--- 2 root sambashare 4096 Nov 25 16:04 users
>> ---------------------------
>> smb.conf
>> [global]
>> workgroup = WORKGROUP
>> server string = %h server (Samba, Ubuntu)
>> dns proxy = no
>> root directory = /samba
>> log file = /var/log/samba/log.%m
>> max log size = 1000
>> log level = 3
>> panic action = /usr/share/samba/panic-action %d
>> server role = standalone server
>> passdb backend = tdbsam
>> obey pam restrictions = yes
>> unix password sync = yes
>> passwd program = /usr/bin/passwd %u
>> passwd chat = *Enter\snew\s*\spassword:* %n\n
>> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>> pam password change = yes
>> map to guest = bad user
>> usershare allow guests = yes
>> guest account = jj
>>
>> [users]
>> comment = Our Jazz Files
>> path = /samba/users
>> browseable = yes
>> read only = no
>> create mask = 0775
>> directory mask = 0775
>> guest ok = yes
>
> I take it that you have created 'jj' on your standalone server and then
> made it a Samba user with 'smbpasswd -a jj'
>
> If so, why have made the guest user 'jj' as well ?
>
> If you want/need guest access, remove 'guest account = jj'
>
> If you do not want/need guest access and only want/need authenticated
> access, remove 'map to guest = bad user', 'guest account = jj' and
> 'guest ok = yes'
>
> Rowland
Thank you for your help.
jj has an acct on the server, is enabled, and is in the sambashare group.
----------------
jj at jazz:/var/log/samba$ sudo pdbedit -L
...
jj:1000:jj
----------------
jj at jazz:/var/log/samba$ getent group sambashare
sambashare:x:126:jj,frazz
-----------------
I do want guest access. I have modified the smb.conf as you suggest.
-----------------
Error from mount cifs attempt
sudo mount -t cifs //jazz/users /mnt/jazz --verbose -o user=jj,pass=****
mount.cifs kernel mount options:
ip=192.168.1.30,unc=\\jazz\users,user=jj,pass=********
mount error(13): Permission denied
-----------------
Error from smbclient attempt
smbclient //jazz/users -U jj
WARNING: The "syslog" option is deprecated
Enter WORKGROUP\jj's password:
session setup failed: NT_STATUS_LOGON_FAILURE
-----------------
And I get different errors in the samba log without the global "guest
account = jj": NT_STATUS_NO_SUCH_USER and NT_STATUS_LOGON_FAILURE. See
below.
----new smb.conf-----
[global]
workgroup = WORKGROUP
server string = %h server (Samba, Ubuntu)
dns proxy = no
root directory = /samba
log file = /var/log/samba/log.%m
max log size = 1000
log level = 3
panic action = /usr/share/samba/panic-action %d
server role = standalone server
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yes
[users]
comment = Our Jazz Files
path = /samba/users
browseable = yes
read only = no
create mask = 0775
directory mask = 0775
guest ok = yes
-----------------------------
samba log for the connecting computer for mount cifs attempt (log a bit
different for smbclient attempt, but ending errors are the same)WARNING:
The "syslog" option is deprecated
...
[2019/11/27 15:20:05.562800, 3]
../source3/auth/auth.c:189(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user []\[jj]@[]
with the new password interface
[2019/11/27 15:20:05.562843, 3]
../source3/auth/auth.c:192(auth_check_ntlm_password)
check_ntlm_password: mapped user is: []\[jj]@[]
[2019/11/27 15:20:05.563261, 0]
../source3/passdb/lookup_sid.c:1605(get_primary_group_sid)
Failed to find a Unix account for jj
[2019/11/27 15:20:05.563663, 1]
../source3/auth/server_info_sam.c:85(make_server_info_sam)
User jj in passdb, but getpwnam() fails!
[2019/11/27 15:20:05.563720, 0]
../source3/auth/check_samsec.c:493(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_NO_SUCH_USER'
[2019/11/27 15:20:05.563818, 2]
../source3/auth/auth.c:332(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [jj] -> [jj] FAILED
with error NT_STATUS_NO_SUCH_USER, authoritative=1
[2019/11/27 15:20:05.563900, 2]
../auth/auth_log.c:760(log_authentication_event_human_readable)
Auth: [SMB2,(null)] user []\[jj] at [Wed, 27 Nov 2019 15:20:05.563863
UTC] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [] remote
host [ipv4:192.168.1.127:34504] mapped to []\[jj]. local host
[ipv4:192.168.1.30:445]
[2019/11/27 15:20:05.564189, 2] ../auth/auth_log.c:220(log_json)
JSON Authentication: {"timestamp": "2019-11-27T15:20:05.564011+0000",
"type": "Authentication", "Authentication": {"version": {"major": 1,
"minor": 0}, "status": "NT_STATUS_NO_SUCH_USER", "localAddress":
"ipv4:192.168.1.30:445", "remoteAddress": "ipv4:192.168.1.127:34504",
"serviceDescription": "SMB2", "authDescription": null, "clientDomain":
"", "clientAccount": "jj", "workstation": "", "becameAccount": null,
"becameDomain": null, "becameSid": "(NULL SID)", "mappedAccount": "jj",
"mappedDomain": "", "netlogonComputer": null, "netlogonTrustAccount":
null, "netlogonNegotiateFlags": "0x00000000",
"netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)",
"passwordType": "NTLMv2"}}
[2019/11/27 15:20:05.564328, 3]
../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:134
[2019/11/27 15:20:05.699183, 3]
../source3/smbd/server_exit.c:244(exit_server_common)
Server exit (NT_STATUS_END_OF_FILE)
More information about the samba
mailing list