Authentification problems with samba

Yes indeed

I am trying to access a USB HD attached to my open wrt router/SMB via windows or a file explorer in iOS.

Windows does not “see” the router

Within iOS I get a request for user password all the time. But the user pass I set don’t work. Same authentication request appears even if I set security = share

I think this has to do with permissions authorizations for the router to access the usb HD.

I saw you had written about it, but I am very new to all this and I don’t understand what needs to be done

Thanks a lot
Very clear
I had reinstalled fresh the routers firmware and formatted the usb drive with fat 32
I have not set up any user.
I can now access the usb drive from iOS and windows but I can’t write it from windows

I am now in the middle on implementing your suggestions above but the ones related to user.
I will report
Not sure what the mask values are. Where can I read about it. I have googled but not really understood.
Is it the same as the permission given for a drive/ directory?

Hi JW0914

I have executed what you suggested, and I can access the usb and the new directory from iOS but the router does not appear in windows explorer as it did before
I have mapped the IP address of the router to windows explorer and I receive the message device detected but not answering

What can I do now?

If your firewall is closed, have you opened the required ports for Samba?

I was wondering whether i need to open the ports of the router if I am in the same network and because before doing the changes I could see the router and access it in windows

So perhaps is not a ports issue?

Hi all again

Now I can access to the usb drive attached to the router from windows, although I had to map the drive and from iOS, but I can only read , not write or delete
How can I change the permissions.?
I am posting the config files again

here the output of the config updated. I can delete now but not write i set the mask and permissions to 0777 in order to have full access , as this is only for home use. however i still can not write from windows to the usb drive connected to the router

 cat /etc/config/samba

config samba
        option homes '1'
        option name 'GL-AR750S'
        option description 'GL-AR750S-6d0'
        option workgroup 'lan'

config sambashare
        option name 'sda1'
        option path '/mnt/sda1/pelis'
        option read_only 'no'
        option guest_ok 'yes'
        option create_mask '0777'
        option dir_mask '0777'

 cat etc/samba/smb.conf
        netbios name = GL-AR750S
        display charset = UTF-8
        interfaces = lo br-lan
        server string = GL-AR750S-6d0
        unix charset = UTF-8
        workgroup = lan
        browseable = yes
        deadtime = 30
        domain master = yes
        encrypt passwords = true
        enable core files = no
        guest account = nobody
        guest ok = yes
        invalid users = root
        local master = yes
        load printers = no
        map to guest = Bad User
        max protocol = SMB2
        min receivefile size = 16384
        null passwords = yes
        obey pam restrictions = yes
        os level = 20
        passdb backend = smbpasswd
        preferred master = yes
        printable = no
        security = share
        smb encrypt = disabled
        smb passwd file = /etc/samba/smbpasswd
        socket options = TCP_NODELAY IPTOS_LOWDELAY
        syslog = 2
        use sendfile = yes
        writeable = yes

        comment     = Home Directories
        browsable   = no
        read only   = no
        create mode = 0750

        path = /mnt/sda1/pelis
        read only = no
        guest ok = yes
        create mask = 0777
        directory mask = 0777

lsa -lsa /path/to/share
-ash: lsa: not found

i am not posting the password bit because i have not set up any user/password after i reinstalled the firmware

What I would need now is full read/write/execute permissions to the usb drive.

Plus to manage that the usb drive is visible in windows file explorer without mapping the unit (it has been suggested this can be a port issue with the router?)

thanks again

This is the mount information

Mounted file systems
Mount Point
0.00 B / 9.00 MB
100% (9.00 MB)
60.06 MB / 60.84 MB
1% (804.00 KB)
95.52 MB / 101.69 MB
1% (1.45 MB)
95.52 MB / 101.69 MB
1% (1.45 MB)
512.00 KB / 512.00 KB
0% (0.00 B)
26.81 GB / 28.88 GB
7% (2.07 GB)
Mount Points
Mount Points define at which point a memory device will be attached to the filesystem
Mount Point
UUID: 1F82-8506 (not present)

still can not write to the usb drive, i gave 0777 permissions again to no avail


the same if i want to delete a file, i get this message:

File access denied

You require permission from S -1-22-1-0 to make changes to this file

i have added

min protocol= smb2 

which was missing


i still didnt manage i can only read, neither write nor delete, despite i set out the authorisation at 777
what do you think?


I think I vaguely remember someone else having this problem, but I can't find the thread unfortunately, from what I remember they had to change permission for the drive itself, rather than the files. So you might try hooking the drive directly to your comp and make sure you have full permissions on the drive itself.

1 Like

I have these notes:

#Folder must be owned by 'root' 777 or 'nobody' 770
#and have at least the permission noted
mkdir /mnt/disk1
chown nobody /mnt/disk1/
chmod -R 774 /mnt/disk1
1 Like

I didn’t manage with nobody

Do you think it is must to ha a samba user and password to delete, etc from windows into the usb disk attached to the router with openwrt?

i have updated today the router firmware.
i will try with a user

can it be the problem that i am using a hard disk formatted fat32?

@cbx200 Please don't post multiple times in a row... if you need to, edit your last post if no one has replied yet, or delete it and re-post with the additional information, as your multiple posts make it difficult to follow your progress due to discombobulation.

The mask values in the /etc/config/samba apply to newly created files and directories, not existing ones.

  • These should not be 777, as I noted above.
    • Execute permissions are only needed by shell scripts and programs, not text files, music, or video, and as such, should only be applied execute permissions when they're required.

As I mentioned above, your issues are permissions related.

The following is required for full functionality of Samba shares:

  1. Users and groups need to be configured on the router, of which must match the name(s) of the Samba user(s)
  2. Samba users must be configured (root should never be one of them)
  3. A share directory must be created (cannot be the root of a partition) and Samba users & groups from #2 must own the directory and any sub-directories
  4. Traffic must be allowed on ports 137, 138, 139, and 445 between server and client(s)
  5. Client local domain should match that of the router (on Windows, this is the WorkGroup name)

Since the OpenWrt wikis do not appear to be helping you, and as I can't explain it better than I did above, google how to configure Samba on Ubuntu via command line, as most of the steps will be the same.

@JW0914 thanks , your explanations are very clear.
I guess what I have been doing could not work because

  1. I was trying with a usb disk with already existing files/directories
  2. Ports of the router not open (I am still not sure how to open them)

As mentioned in my previous post , would permissions work in a FAT 32 formatted drive. I read somewhere that not. Is it true?


It doesn't matter if the disk has existing files directories...

  • Let's say your USB drive is sda1:

    • It has a nested directory [dir1] with files and subdirectories contained within it at /mnt/sda1/dir1. To make dir1 your network share, perform the following:

      1. Change ownership of all files and directories contained within dir1 to the Samba user (user should have been added to /etc/passwd) and Samba user's group (user's group should have been added to /etc/group):
        chown <samba-user1>:<samba-user1-group> -R /mnt/sda1/dir1
        • If you have more than one Samba user, a Samba user group should also be added to /etc/group and the Samba users added to that group
        • Note that content within < > needs to be replaced with your custom content

      2. Change permissions of all nested directories contained within dir1 to 775
        find /mnt/sda1/dir1 -type d -print0 | xargs -0 chmod 775

      3. Change permissions of all nested files contained within dir1 to 660
        find /mnt/sda1/dir1 -type f -print0 | xargs -0 chmod 660

Provided you're utilizing your LAN, the ports are already open on the router, so you simply need to ensure the firewall on your clients isn't blocking the ports (note: majority of default firewall configs have these ports open)