Suddenly a Linux server, -only- serving as ‘open’ samba share (guest account allowed) stopt working. I logged in and found samba working, no weird network issues, nothing. A mystery !
After a service smb restart and a reboot -h now (sue me, uptime) I increased the log level of smb to level 3 this is done by changing /etc/samba/smb.conf :
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
[...]
map to guest = Bad User
log level = 3
[... below come shares ...]
[data]
path = /data
[...]
force user = testuser
guest ok = yes
You can then follow what samba is doing at /var/log/samba/log.smbd (for Centos, after restarting the service) This is what I found :
[2017/12/05 11:10:37.388846, 3] ../source3/auth/auth.c:178(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [DESKTOP-XXXXXX]\[svennsvenndDESKTOP-XXXXXX] with the new password interface [2017/12/05 11:10:37.388886, 3] ../source3/auth/auth.c:181(auth_check_ntlm_password) check_ntlm_password: mapped user is: [TEMPSTORAGE]\[svennd]@[DESKTOP-XXXXXX] [2017/12/05 11:10:37.388985, 3] ../source3/auth/check_samsec.c:399(check_sam_security) check_sam_security: Couldn't find user 'svennd' in passdb. [2017/12/05 11:10:37.389029, 2] ../source3/auth/auth.c:315(auth_check_ntlm_password) check_ntlm_password: Authentication for user [svennd] -> [svennd] FAILED with error NT_STATUS_NO_SUCH_USER [2017/12/05 11:10:37.389077, 3] ../source3/auth/auth_util.c:1610(do_map_to_guest_server_info) No such user svennd [DESKTOP-XXXXXX] - using guest account [2017/12/05 11:10:37.390215, 3] ../source3/smbd/server_exit.c:246(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET)
So in short windows tries to use my local account and fails, this is expected. Then samba gives me the permissions of a guest account. Weirdly enough after that samba reports NT_STATUS_CONNECTION_RESET, or more simply put “server exit”. I tried to find more info on the recent patches using :
rpm -q --changelog samba-common-4.6.2-12.el7_4.noarch | less
At this time of writing the latest “feature change” was way back in march, this installation was newer so that could hardly be the issue.
* Fri Mar 31 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.2-0 - Update to Samba 4.6.2
In the end, we did not find the issue in the samba server. The issue was the client, running a windows 10 up-to-date version (fall creators update). This was the only change, between a working and not working setup. So Windows must have changed some behavior ? Tested with a Windows 7 machine, this suspicion was confirmed, there it worked. A workaround for my case was to setup a username that the server does know on the client :
C:\Users\svenn>net view \\shareserver System error 53 has occurred. The network path was not found. C:\Users\svenn>net use \\shareserver\data /user:testuser The command completed successfully. C:\Users\svenn>net view \\shareserver Shared resources at \\shareserver Samba 4.6.2 Share name Type Used as Comment ------------------------------------------------------------------------------- data Disk (UNC) storage data_rgb Disk storage The command completed successfully.
And after that I can browse and access the share through explorer. While this for sure is not foolproof, for my case its enough. (single client to server)
This register setting in windows seems to be affecting this issue, thanks Dominik!
Hi,
i just found this
https://getadmx.com/?Category=Windows_10_2016&Policy=Microsoft.Policies.LanmanWorkstation::Pol_EnableInsecureGuestLogons
Simply create that key in the registry an reboot. Works fine for me.
10 December, 2017 at 12:30Hey Dominik, that seems to be the issue yes, thanks !
11 December, 2017 at 09:01