Return to Level1Techs.com

Can't get seond user on SAMBA share to autenticate

Hi I cant seem to get a second user working on my lan SAMBA server. The Server itself works and the default user works fine. I have follows the various tutorials to try and add a second user to the server that will have read only acess to the server. First tutorial I have also used the system-config-samba gui to add folders the folders to the smb.conf as well as set user permissions. I have also verified that the new user shows up in smbstatus but when I go to login via any client I get a “permission denied” or “invalid login”. I have also rebooted the server as well as restarting the services with no effect. I will attach a link to the smb.conf for refrence. In my case the second user is called “ameila” and the primary or working user is “logan”.

smb.conf (pastebin)

Samba can truly be confusing at times…

You can get more info in your logs by placing the following line in your config and restarting:
log level = 1 auth:3 winbind:3 Place the line below the log level line.

You will find the logs in /var/log/samba/log.Ameilia or maybe in /var/log/samba/log.<ameilia's ip address>

Good luck.

1 Like

the logs for a remote client reveal

    [2019/01/03 17:14:04.711824,  0] ../source3/auth/user_util.c:358(map_username)
  can't open username map /etc/samba/smbusers. Error No such file or directory
[2019/01/03 17:14:04.711912,  0] ../source3/param/loadparm.c:3244(process_usershare_file)
  process_usershare_file: stat of /var/lib/samba/usershares/2tb_nas_dec_2017 failed. No such file or directory

this does not make sense to me as there is a smbusers file that contains

logan = logan

ameila = ameila

Also logs.127.0.0.0.1 (aka localhost) reads

   [2019/01/19 14:58:44.206641,  1] ../lib/param/loadparm.c:1729(lpcfg_do_global_parameter)
  WARNING: The "syslog" option is deprecated
[2019/01/19 14:58:44.207060,  3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [WORKGROUP]\[ameila]@[SERVER-PC] with the new password interface
[2019/01/19 14:58:44.207071,  3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
  check_ntlm_password:  mapped user is: [SERVER-PC]\[ameila]@[SERVER-PC]
[2019/01/19 14:58:44.207633,  3] ../source3/auth/auth.c:249(auth_check_ntlm_password)
  check_ntlm_password: sam authentication for user [ameila] succeeded
[2019/01/19 14:58:44.231076,  2] ../source3/auth/auth.c:305(auth_check_ntlm_password)
  check_ntlm_password:  authentication for user [ameila] -> [ameila] -> [ameila] succeeded
[2019/01/19 14:58:44.231384,  1] ../source3/param/loadparm.c:2374(lp_idmap_range)
  idmap range not specified for domain '*'
[2019/01/19 14:58:44.232040,  1] ../source3/param/loadparm.c:2374(lp_idmap_range)
  idmap range not specified for domain '*'

It looks like the back-end on the server side is working but for some reason that’s not getting passed through to the client.

Would it be easier at this point to pursue another share protocol, such as NFS or SSH?? All my clients are Linux based btw.

what does ls -liah /etc/samba/smbusers show?