Revisions to Windows 10 cannot connect to Linux Samba shares, except from SMB1/CIFS

Bumped by Community user

occurred May 31, 2021 at 19:04

Bumped by Community user

occurred Jan 31, 2021 at 1:02

Bumped by Community user

occurred Nov 15, 2020 at 9:03

Bumped by Community user

occurred Jul 16, 2020 at 8:00

added 621 characters in body

Source Link

edited Feb 5, 2020 at 14:16

gluttony

304
2
5
14

Edit2: after a quick look I found a workaround on Windows 10 fall update and samba guest account but when trying net use command I have following issue, then this is my company that may have change security on newer computer (both used are on the same domain but the one not working comes from a newer installation):

You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.

Thanks

Edit2: after a quick look I found a workaround on Windows 10 fall update and samba guest account but when trying net use command I have following issue, then this is my company that may have change security on newer computer (both used are on the same domain but the one not working comes from a newer installation):

You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.

Thanks

Added precisions according to @JW0914 answer

Source Link

edited Feb 5, 2020 at 14:07

gluttony

304
2
5
14

Edit: here are more information after what suggested @JW0914, what was suggested did not work but I found something interesting in server logs (added log level = 3 to /etc/samba/smb.conf global section then looked on /var/log/samba/log.smbd after having tried connection):

  check_ntlm_password:  Checking password for unmapped user [DOMAIN]\[USER]@[Windows10Computer] with the new password interface
[2020/02/05 14:21:23.845849,  3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
  check_ntlm_password:  mapped user is: [DOMAIN]\[USER]@[Windows10Computer]
[2020/02/05 14:21:23.845879,  3] ../source3/auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'USER' in passdb.
[2020/02/05 14:21:23.845890,  2] ../source3/auth/auth.c:332(auth_check_ntlm_password)
  check_ntlm_password:  Authentication for user [USER] -> [USER] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
[2020/02/05 14:21:23.845910,  2] ../auth/auth_log.c:760(log_authentication_event_human_readable)
  Auth: [SMB2,(null)] user [DOMAIN]\[USER] at [Wed, 05 Feb 2020 14:21:23.845900 CET] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [Windows10Computer] remote host [ipv4:172.168.0.69:56937] mapped to [DOMAIN]\[USER]. local host [ipv4:172.168.0.99:445]
[...]
  No such user USER [DOMAIN] - using guest account
[2020/02/05 14:21:23.847182,  3] ../source3/smbd/server_exit.c:244(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)

I see server is trying to authenticate with user logged in Windows 10, but since not existing it falls back to guest user but connection is reset just after. In the other side, with a computer for which it is working, when logged with same domain/user and accessing successfully I have quite the same logs (different computer name and IP) but at the end:

  No such user USER [DOMAIN] - using guest account
[2020/02/05 14:43:21.147396,  3] ../lib/util/access.c:365(allow_access)
  Allowed connection from 192.168.0.77 (192.168.0.77)

I'm looking into it but I would be glad if anybody has a clue on what is happening.

Thanks

Edit: here are more information after what suggested @JW0914, what was suggested did not work but I found something interesting in server logs (added log level = 3 to /etc/samba/smb.conf global section then looked on /var/log/samba/log.smbd after having tried connection):

  check_ntlm_password:  Checking password for unmapped user [DOMAIN]\[USER]@[Windows10Computer] with the new password interface
[2020/02/05 14:21:23.845849,  3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
  check_ntlm_password:  mapped user is: [DOMAIN]\[USER]@[Windows10Computer]
[2020/02/05 14:21:23.845879,  3] ../source3/auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'USER' in passdb.
[2020/02/05 14:21:23.845890,  2] ../source3/auth/auth.c:332(auth_check_ntlm_password)
  check_ntlm_password:  Authentication for user [USER] -> [USER] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
[2020/02/05 14:21:23.845910,  2] ../auth/auth_log.c:760(log_authentication_event_human_readable)
  Auth: [SMB2,(null)] user [DOMAIN]\[USER] at [Wed, 05 Feb 2020 14:21:23.845900 CET] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [Windows10Computer] remote host [ipv4:172.168.0.69:56937] mapped to [DOMAIN]\[USER]. local host [ipv4:172.168.0.99:445]
[...]
  No such user USER [DOMAIN] - using guest account
[2020/02/05 14:21:23.847182,  3] ../source3/smbd/server_exit.c:244(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)

I see server is trying to authenticate with user logged in Windows 10, but since not existing it falls back to guest user but connection is reset just after. In the other side, with a computer for which it is working, when logged with same domain/user and accessing successfully I have quite the same logs (different computer name and IP) but at the end:

  No such user USER [DOMAIN] - using guest account
[2020/02/05 14:43:21.147396,  3] ../lib/util/access.c:365(allow_access)
  Allowed connection from 192.168.0.77 (192.168.0.77)

I'm looking into it but I would be glad if anybody has a clue on what is happening.

Thanks

Removed "include = /etc/samba/dhcp.conf" from server conf since I've seen this file does not exist

Source Link

edited Feb 5, 2020 at 10:47

gluttony

304
2
5
14

[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = bad user
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = yes
usershare max shares = 100
winbind offline logon = yes
winbind refresh tickets = yes
create mask = 777
directory mask = 777
delete readonly = yes

[tmp]
comment = Temp folder
path = /tmp
browseable = yes
writable = yes
read only = no
guest ok = yes
mangled names = no

[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = bad user
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = yes
usershare max shares = 100
winbind offline logon = yes
winbind refresh tickets = yes
create mask = 777
directory mask = 777
delete readonly = yes

[tmp]
comment = Temp folder
path = /tmp
browseable = yes
writable = yes
read only = no
guest ok = yes
mangled names = no

[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = bad user
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = yes
usershare max shares = 100
winbind offline logon = yes
winbind refresh tickets = yes
create mask = 777
directory mask = 777
delete readonly = yes

[tmp]
comment = Temp folder
path = /tmp
browseable = yes
writable = yes
read only = no
guest ok = yes
mangled names = no

Source Link

asked Feb 5, 2020 at 10:31

gluttony

304
2
5
14

Loading

Stack Exchange Network

Return to Question

Post Timeline