I'm on windows 10 trying to login to my samba user share and it will not recognize my password.
On Windows 10 i've been using Microsoft accounts (not local account), so i've changed my User Name in windows 10 to EricA; i'm using user Eric on windows 7 with a different password so i created a new user erica. So i have two users, eric and erica (system - accounts - user).
Is this the proper way to create samba users/passwords by just creating a clearos user?
last week this work, this week after rebooting my clearos server it doesn't work.
i can't add a user/password as it already exists...
# smbpasswd -a erica"
ldapsam_getsampwnam: Duplicate entries for this user [erica] Failing. count=2
ldapsam_add_sam_account: User 'erica' already in the base, with samba attributes
Failed to add entry for user erica.
smb.conf:
[global]
ntlm auth = yes
winbind expand groups = 1
unix password sync = Yes
# General
netbios name = Orion
workgroup = IRKSHOUSE
server string = ClearOS Samba Server
security = user
# Logging
log level = 1
log file = /var/log/samba/%L-%m
max log size = 0
utmp = Yes
# Network
bind interfaces only = No
interfaces = lo enp7s0
# Printing
printcap name = /etc/printcap
load printers = Yes
# Security settings
guest account = guest
#restrict anonymous = 2
# WINS
wins support = Yes
wins server =
# PDC/BDC
domain logons = Yes
add machine script = /usr/sbin/samba-add-machine "%u"
logon drive = U:
logon script = logon.cmd
logon path =
logon home = \\%L\%U
# Winbind
idmap config * : backend = ldap
idmap config * : range = 20000000-29999999
winbind enum users = Yes
winbind enum groups = Yes
winbind offline logon = false
winbind use default domain = true
winbind separator = +
template homedir = /home/%U
template shell = /sbin/nologin
# Other
preferred master = Yes
domain master = Yes
passwd program = /usr/sbin/userpasswd %u
passwd chat = *password:* %n\n *password:* %n\n *successfully.*
passwd chat timeout = 10
username map = /etc/samba/smbusers
wide links = No
allow trusted domains = No
# LDAP settings
include = /etc/samba/smb.ldap.conf
# Winbind LDAP settings
include = /etc/samba/smb.winbind.conf
#============================ Share Definitions ==============================
# Flexshare
# include = /etc/samba/flexshare.conf
[homes]
comment = Home Directories
path = /home/%U
valid users = %D\%S, %D+%S, %S
read only = No
browseable = No
available = Yes
[Irk]
comment = Erics personal folder
path = /media/Raid6/shares/Eric
valid users = eric erica
read only = No
browseable = yes
available = Yes
[Movies]
comment = Movie and TV shows
path = /media/Raid6/Movies
valid users = eric erica
read only = No
browseable = yes
available = Yes
[Music Cache]
comment = audio mps's
path = /media/Raid6/shares/Music Cache
valid users = eric erica
read only = No
browseable = yes
available = Yes
[Flac]
comment = lossless audio files
path = /media/Raid6/shares/Flac
valid users = eric erica
read only = No
browseable = Yes
available = Yes
[printers]
comment = Print Spool
path = /var/spool/samba
printing = cups
cups options = raw
use client driver = Yes
printable = Yes
read only = No
browseable = No
available = No
[print$]
comment = Printer Drivers
path = /var/samba/drivers
read only = No
browseable = No
available = No
[netlogon]
comment = Network Logon Service
path = /var/samba/netlogon
read only = No
locking = No
browseable = No
available = No
[profiles]
comment = Profile Share
path = /var/samba/profiles
read only = No
profile acls = Yes
browseable = No
available = No
force group = domain_users
force directory mode = 02775
On Windows 10 i've been using Microsoft accounts (not local account), so i've changed my User Name in windows 10 to EricA; i'm using user Eric on windows 7 with a different password so i created a new user erica. So i have two users, eric and erica (system - accounts - user).
Is this the proper way to create samba users/passwords by just creating a clearos user?
last week this work, this week after rebooting my clearos server it doesn't work.
i can't add a user/password as it already exists...
# smbpasswd -a erica"
ldapsam_getsampwnam: Duplicate entries for this user [erica] Failing. count=2
ldapsam_add_sam_account: User 'erica' already in the base, with samba attributes
Failed to add entry for user erica.
smb.conf:
[global]
ntlm auth = yes
winbind expand groups = 1
unix password sync = Yes
# General
netbios name = Orion
workgroup = IRKSHOUSE
server string = ClearOS Samba Server
security = user
# Logging
log level = 1
log file = /var/log/samba/%L-%m
max log size = 0
utmp = Yes
# Network
bind interfaces only = No
interfaces = lo enp7s0
# Printing
printcap name = /etc/printcap
load printers = Yes
# Security settings
guest account = guest
#restrict anonymous = 2
# WINS
wins support = Yes
wins server =
# PDC/BDC
domain logons = Yes
add machine script = /usr/sbin/samba-add-machine "%u"
logon drive = U:
logon script = logon.cmd
logon path =
logon home = \\%L\%U
# Winbind
idmap config * : backend = ldap
idmap config * : range = 20000000-29999999
winbind enum users = Yes
winbind enum groups = Yes
winbind offline logon = false
winbind use default domain = true
winbind separator = +
template homedir = /home/%U
template shell = /sbin/nologin
# Other
preferred master = Yes
domain master = Yes
passwd program = /usr/sbin/userpasswd %u
passwd chat = *password:* %n\n *password:* %n\n *successfully.*
passwd chat timeout = 10
username map = /etc/samba/smbusers
wide links = No
allow trusted domains = No
# LDAP settings
include = /etc/samba/smb.ldap.conf
# Winbind LDAP settings
include = /etc/samba/smb.winbind.conf
#============================ Share Definitions ==============================
# Flexshare
# include = /etc/samba/flexshare.conf
[homes]
comment = Home Directories
path = /home/%U
valid users = %D\%S, %D+%S, %S
read only = No
browseable = No
available = Yes
[Irk]
comment = Erics personal folder
path = /media/Raid6/shares/Eric
valid users = eric erica
read only = No
browseable = yes
available = Yes
[Movies]
comment = Movie and TV shows
path = /media/Raid6/Movies
valid users = eric erica
read only = No
browseable = yes
available = Yes
[Music Cache]
comment = audio mps's
path = /media/Raid6/shares/Music Cache
valid users = eric erica
read only = No
browseable = yes
available = Yes
[Flac]
comment = lossless audio files
path = /media/Raid6/shares/Flac
valid users = eric erica
read only = No
browseable = Yes
available = Yes
[printers]
comment = Print Spool
path = /var/spool/samba
printing = cups
cups options = raw
use client driver = Yes
printable = Yes
read only = No
browseable = No
available = No
[print$]
comment = Printer Drivers
path = /var/samba/drivers
read only = No
browseable = No
available = No
[netlogon]
comment = Network Logon Service
path = /var/samba/netlogon
read only = No
locking = No
browseable = No
available = No
[profiles]
comment = Profile Share
path = /var/samba/profiles
read only = No
profile acls = Yes
browseable = No
available = No
force group = domain_users
force directory mode = 02775
Share this post:
Responses (7)
-
Accepted Answer
-
Accepted Answer
Flexshares have different aspects. They can be samba file share with access by a single group. I don't think you can have multiple groups accessing a flexshare. They physically would exist under /var/flexshare/shares. At the same time you can have ftp access to these shares if you want. Lastly they can be used as web servers (where they generally bind mount /vaw/www/virtual/{your_website}. Here ftp access can be considered useful as you can use ftp to upload your website to the server.
There is nothing to stop you defining your own samba shares as well. I do it where I want to allow extra group access to specific subdirectories. However I do it slightly differently from you in that in my smb.conf I add a line "include = /etc/samba/smb.nick.conf". I put that line straight after the "include = /etc/samba/flexshare.conf" line. Then I put my samba share definitions in /etc/samba/smb.nick.conf. -
Accepted Answer
Marcel van Leeuwen wrote:
Hi, can't you access non of the network shares? So home directory and flexshares?
You indeed have to create a user in system -> accounts -> users and add that user to a group. With the credentials you created on ClearOS you can login on your network share with you Windows client.
My "flexshare.conf" looks really different.
[movies]
path = /var/flexshare/shares/movies
comment = Movies folder
browseable = Yes
read only = No
guest ok = No
directory mask = 0775
create mask = 0664
valid users = @"%D\allusers", @allusers
veto files = /.flexshare*/
recycle:repository = .trash/%U
recycle:maxsize = 0
recycle:versions = Yes
recycle:keeptree = Yes
recycle:touch = No
recycle:directory_mode = 0775
vfs object = recycle:recycle
Did you edited flexshare.conf manually?
I don't understand flexshare and have not used it, does it tie into samba in someway? -
Accepted Answer
If you create a user with useradd it will give the user a number (UID?) > 1000. These can all get overwritten by ldap and you will lose the users on boot (and perhaps ldap restart). At a guess another normal user was greated in ldap and this also took the same UID so appears to take over the old user. If you want to add a system user you need to use the -r option, so "useradd -r ....". This will give a UID less than 1000 which ldap won't touch. Is this what you did or did you do it without the -r option? -
Accepted Answer
-
Accepted Answer
i created a user in system accounts, but after a week the password was changed and i no longer could access shares and if i tried to change it with with command shell it asked for the ldap password. so i deleted it and added it with useradd and set password and now it works. why would ldap take over a user??? -
Accepted Answer
Hi, can't you access non of the network shares? So home directory and flexshares?
You indeed have to create a user in system -> accounts -> users and add that user to a group. With the credentials you created on ClearOS you can login on your network share with you Windows client.
My "flexshare.conf" looks really different.
[movies]
path = /var/flexshare/shares/movies
comment = Movies folder
browseable = Yes
read only = No
guest ok = No
directory mask = 0775
create mask = 0664
valid users = @"%D\allusers", @allusers
veto files = /.flexshare*/
recycle:repository = .trash/%U
recycle:maxsize = 0
recycle:versions = Yes
recycle:keeptree = Yes
recycle:touch = No
recycle:directory_mode = 0775
vfs object = recycle:recycle
Did you edited flexshare.conf manually?
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »