December 6, 2017

windows 10 fall update and samba guest account

Posted on December 6, 2017  •  3 minutes  • 458 words  •  Suggest Changes

Suddenly a Linux server, -only- serving as ‘open’ samba share (guest account allowed) stopt working. I logged in and found samba working, no weird network issues, nothing. A mystery !

After a service smb restart and a _reboot -h now _(sue me, uptime) I increased the log level of smb to level 3 this is done by changing /etc/samba/smb.conf :

        workgroup = SAMBA
        security = user
        passdb backend = tdbsam


        map to guest = Bad User
        log level = 3

        [... below come shares ...]
  path = /data
  force user = testuser
  guest ok = yes

You can then follow what samba is doing at /var/log/samba/log.smbd (for Centos, after restarting the service) This is what I found :

[2017/12/05 11:10:37.388846,  3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [DESKTOP-XXXXXX]\[svennsvenndDESKTOP-XXXXXX] with the new password interface
[2017/12/05 11:10:37.388886,  3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
  check_ntlm_password:  mapped user is: [TEMPSTORAGE]\[svennd]@[DESKTOP-XXXXXX]
[2017/12/05 11:10:37.388985,  3] ../source3/auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'svennd' in passdb.
[2017/12/05 11:10:37.389029,  2] ../source3/auth/auth.c:315(auth_check_ntlm_password)
  check_ntlm_password:  Authentication for user [svennd] -> [svennd] FAILED with error NT_STATUS_NO_SUCH_USER
[2017/12/05 11:10:37.389077,  3] ../source3/auth/auth_util.c:1610(do_map_to_guest_server_info)
  No such user svennd [DESKTOP-XXXXXX] - using guest account
[2017/12/05 11:10:37.390215,  3] ../source3/smbd/server_exit.c:246(exit_server_common)

So in short windows tries to use my local account and fails, this is expected. Then samba gives me the permissions of a guest account. Weirdly enough after that samba reports NT_STATUS_CONNECTION_RESET, or more simply put “server exit”. I tried to find more info on the recent patches using :

rpm -q --changelog samba-common-4.6.2-12.el7_4.noarch | less

At this time of writing the latest “feature change” was way back in march, this installation was newer so that could hardly be the issue.

* Fri Mar 31 2017 Guenther Deschner <[email protected]> - 4.6.2-0
- Update to Samba 4.6.2

In the end, we did not find the issue in the samba server. The issue was the client, running a windows 10 up-to-date version (fall creators update). This was the only change, between a working and not working setup. So Windows must have changed some behavior ? Tested with a Windows 7 machine, this suspicion was confirmed, there it worked. A workaround for my case was to setup a username that the server does know on the client :

C:\Users\svenn>net view \\shareserver
System error 53 has occurred.

The network path was not found.

C:\Users\svenn>net use \\shareserver\data /user:testuser
The command completed successfully.

C:\Users\svenn>net view \\shareserver
Shared resources at \\shareserver

Samba 4.6.2

Share name  Type  Used as  Comment

data        Disk  (UNC)    storage
data_rgb    Disk           storage
The command completed successfully.

And after that I can browse and access the share through explorer. While this for sure is not foolproof, for my case its enough. (single client to server)

This register setting n windows seems to be affecting this issue, thanks Dominik!


If you enjoyed this website, consider buying me a Dr. Pepper

Buy me a Dr PepperBuy me a Dr Pepper