[Samba] smbclient error message interpretation

Whit Blauvelt whit+samba at transpect.com
Thu Feb 14 00:06:56 GMT 2008

Hi all,

For sure I'm dense today. I use smbclient rarely - every few years just to
test a new setup. I'm building a replacement server, and want to go from an
smbpasswd setup to an ADS member setup. The smbpasswd setup has worked just
fine for the Windows workstations, but we'd like the convenience of just
maintaining the users in one place through Windows.

So I'm going through the "rough guide" at
and have got to where the "net ads join" works. Then I'm trying to test it
with smbclient. All that doc says is "Use smbclient as usual, but specify
the -k option." My problem obviously: I don't usually use smbclient.

Smbclient takes me straight to an error message:

"Server not using user level security and no password supplied."

This happens even when I've just been presented with a password prompt and
given it what should be a good password. And it happens if the password is
in the command line in the --user=username%password syntax. While I don't
know quite what the first part of the message points to, the "and no
password supplied" is, in common sense English, plain wrong.

Obviously there a Samba English in which it's entirely correct and
illuminating. What I'm looking for is the dictionary. Even more confusing: I
get the exact same error message from smbclient on the smbpasswd-based box:

smbclient //BLAH/BLAH --user=whit                                                                                                          
Password: ******
Server not using user level security and no password supplied.

(The difference from the first is just the omission of "-k".)

What? On this box, there are current users from our Windows clients. So
maybe I'm using smbclient wrong, but how? In the ADS version of this, I've
got "security = ADS" set in smb.conf. In the smbpasswd version, security's
whatever it defaults to. Isn't ADS in the category of "user level security"?
And on the smbpasswd-secured box, those users not specified in smb.conf have
no access to the shares, so isn't that "user level security"? Something's
being lost in my attempt at translation into common English. That leaves me
at a loss as to what to look to fix.

Apologies again for the fog I'm in with this. Thanks for all pointers.


More information about the samba mailing list