[Samba] samba-4.12.9 standalone server : problems with one user only

Stefan G. Weichinger lists at xunil.at
Tue Apr 27 11:03:24 UTC 2021

I could need some brainstorming here.

I run a samba-server at a customer for many years now.

That server started in the days of samba-3.0.x, maybe even 2.x ... would 
have to research.

It's standalone:

# testparm

Load smb config files from /etc/samba/smb.conf

Loaded services file OK.


Press enter to see a dump of your service definitions

# Global parameters


	log file = /var/log/samba/%M.log

	logon home =

	logon path =

	max log size = 100000

	username map = /etc/samba/smbusers

	usershare allow guests = Yes

	workgroup = SOMEGROUP

	idmap config * : backend = tdb

	veto files = /.Trash/


	comment =

	create mask = 0775

	directory mask = 0775

	force group = users

	path = /mnt/revision

	read only = No

	valid users = sgw user1 user2 [..]
	vfs objects = full_audit

	recycle:directory_mode = 770

	recycle:versions = yes

	recycle:keeptree = yes

	recycle:repository = .Trash

	full_audit:failure = all

	full_audit:success = all

	full_audit:priority = NOTICE

	full_audit:facility = LOCAL5


As you see, I disabled vfs_recycle some time ago (we had a thread around 
that topic), so as far as I see only vfs_full_audit is enabled.

No Windows ACLs, no recycle-bin.


There are n= ~6 users, all local, created by smbpasswd.

They all access that server through thin clients, from office or via 
VPNs from home office.

n-1 users have no issues. Permissions ok, connecting to two shares 
("share1" and their $home) works OK. For months now.

They all have their .bat-file on the desktop, with the well-known:

net use x: /DEL /Y

net use y: /DEL /Y

net use x: \\\\samba\\share1 /user:SOMEGROUP\%benutzer% /persistent:no

net use y: \\\\samba\\%benutzer%  /user:SOMEGROUP\%benutzer% /persistent:no

We have to use that because the upstream (think "hostile") company IT 
doesn't roll that out via GPOs or so.

That *works* for yrs now.


One user has issues all the time over the last months.

Sometimes one drive connects, and the second fails (with "wrong 
password" ...  how could that be? same user/pw for all shares)

Now she gets some error mentioning quotas. We don't have quotas enabled, 
at least I am not aware of.

I can access the share from my (linux) PC with her credentials, access 
and create files and folders.


Is it possible that something has been messed up in her user-profile on 
the terminal server she works from?

I can only imagine something is different for her user.

Another observation:

somehow the offline synchronisation was enabled in her session, 
sometimes her windows toggles the drive to "offline" ...

Disabling that needs the domain-admin, which I have no access to.


To me it looks as if it's a problem on the client, or in her user profile.

Would it make any sense to recreate her samba-user on the samba-server?

new IDs or so ... ?

Yes, I could upgrade samba itself as well. So far I run 4.12.9 as it 
works for the others, and is the "stable package" in Gentoo Linux (the 
server runs gentoo).


thanks for any thoughts on this, the user is quite frustrated already 
and the upstream support begins to reply with "the server isn't 
administrated by us ... "

thanks, Stefan

More information about the samba mailing list