Syndicate content

Cannot log in user with Samba

Today I wasted another hour or so in trying to get samba to work for one of my Windows computer so I could connect to one of my Linux computer. I knew that the installation was correct since I could log in with another computer/user that had worked for a long time. So... why would this one fail?

Two things, for of all, I could see NOTHING happening in the logs. Really wondering why the default is to log close to nothing with such a non-secure piece of software, but that's a different question. I added the following to actually get about enough logs to understand what was happening:

log level = 10 all:10

And yes, for a couple of people that might be too much. I do not recommend that you use such levels in normal operations, only to debug problems such as log in problems. In normal mode I now use this:

log level = 3 all:3

Okay! That already took me a while. Note also that log files with domain names do not enter the game until you are actually logged in so the main log file is concerned at this point.

Now, I created that new Unix user and it just did not want to work. It always said that it could not authenticate. (well, until I had the high log level, it said absolutely NOTHING, but once the log level was good enough, I could see that, finally!) Strangely enough because it said that it used the normal passwd login mechanism, but apparently that is not the case... What I had to do is create a new entry in the samba database:

smbpasswd -a <user-name>

Now, that worked. Notice the -a too, without it, if the user doesn't exist in the database yet, it fails because it views the command as an update. Note also that the -a probably fails if the user already exists.

Just in case, you have to properly setup the smb.conf file to support users. Also you may have an invalid users = ... entry, be sure that the user you're trying to log in with is not in that list. For example, to prevent root log in with samba:

invalid users = root

You may want to check out the man smb.conf page and make sure to properly setup the [homes] directory and you may also want to use the username map = ... option to support a name that's different on the Windows system than the one on your Linux system.

Windows 8 defaults changed!

I assume that this is new in Windows 8 because I did not run in that problem with Windows 7 and older versions of Windows.

I could see an error about a "dfs root" which told me pretty much zilch about what was happening:

[2013/08/31 11:02:08.070984,  3] smbd/msdfs.c:891(get_referred_path)
  get_referred_path: |username| in dfs path \servername\username is not a dfs root.

Note: DFS stands for Distributed File System.

This error is referencing a mechanism which, if I understand properly, exists since at least Windows 2000. The DFS mechanism let you create links to the actual data (softlinks in a Unix system) all in one place. This means you can enter paths such as:


And thing1, thing2, and thing3 may all 3 have completely different paths on your 'servername' computer.

The DFS mechanism, however, was never used before. Since WIndows 8, it looks like it is ON by default (note that it may be a problem in samba too, but I have not changed samba's version for a while now!), even if you do not define a [dfs] area in your samba settings. The error comes from the fact that username does not exist as a DFS path.

To fix the problem, all I had to do is mark that feature as unused:

host msdfs = no

By the way, most of the people out there will tell you that the problem is the following error, which also appears in your exact same log a little after the previous error. Indeed, access is denied because the path is not matched with anything. But, I can assure you that if you get the DFS problem, the user is your last worry at this point because the user itself does not get checked at all.

2013/08/31 11:02:08.073493,  1] smbd/service.c:805(make_connection_snum)
  create_connection_session_info failed: NT_STATUS_ACCESS_DENIED

So you won't have to change your user password 20 times, or verify that the home directory is accessible (755 / drwxr-xr-x) until you fix the DFS problem.

Obviously, if you are using both: DFS and Users, I cannot help you. There seems to be problems with that concept since in my case it did not automatically switch to user mode after failing with the DFS mode.

Syndicate content


Terms of Site Index

Find the page/content you are looking for with our index.

  • bash
  • Gutsy
  • menu

    In the computer world, menus are sets of items that generate an action when activated.

    It is used in CUI, GUI and the Internet.

  • mount
  • number

    All software make use of numbers. Everything is a number. The most basic number in a computer is 0 or 1. This is called a bit. These are represented with electricity. Although in most cases we see it as 0 - Ground and 1 - Voltage (i.e. 1 volt), the bit representation in software and in hardware may be interpreted either way (i.e. a 0 could mean that the voltage is 1V and not 0V.)

    Combining these zeroes and ones we offer end users to handle much larger numbers. With 8 bits, you can have numbers from 0 to 255 (unsigned) or -128 to +127 (signed.) Now a day, computers can handle a much larger number of bits in one cycle. Most processors use 64 bits but they can calculate numbers on 128, 256, and for some 1024 bits at once. Also with parallelism, the size can be viewed as even larger (i.e. handling a 64 bit number in 1,536 threads like on my old nVidra Quadro 600 is equivalent to one large number of 98,304 bits! That would be 2 power 98,304 possibilitie or about 2.8359e+29592 in decimal.)

    Integers are easy to handle. Although when working on math problems you generally see the set of avaialble numbers as equivalent to N although mathematicians know that computers can really only handle a limited set of numbers. For example, on a 64 bit computer, the usual range is -9223372036854775808 to 9223372036854775807, This is generally enough although at times some equations have to be reworked to avoid really large or small intermediate numbers that work fine in math equations, but not so well on computers.

    Now, math also includes other sets of numbers such as D, R, and C. Computers do not offer any way to represent numbers in R or C but they can offer D to some extend. These numbers are called floating point numbers because we do math using an exponent. The exponent makes the decimal point "float" in any location as the number used for the exponent offers. Using a 64 bit floating point, you can have positive and negative numbers with precision varing betwee 10-308 and 10+308. This includes a positive zero (+0) and a negative zero (-0), which is import in a few cases (although +0 = -0 is true, you can get the sign of a number and distinguish both zeroes). Note that at first decimal numbers were going to also have a positive and negative zero, but it was instead decided to have one more negative number (remember, with 8 bits we have signed numbers from -128 to +127, this is because in the positive numbers we have a 0 which we don't have in the negative numbers.)