That was it! I disabled Samba last night. Enabled, I have access on both PC and Mac. I'm really sorry about this Andy, I'm a complete plonker. Solved! Thanks for your help!
1 Like
Hi everyone,
I've done a couple of research and I'm trying to get my personal NAS running.
I've followed this guide, which already creates users, groups, and assigns them to the directory correctly, and helps configuring the samba4.
But despite all I'm getting this error message:
And it got me as far as I could. Can the problem be that I'm using windows 8.1?
I also get this on explorer:
Can someone help please?
Hello - I'm an OpenWRT / Linux Novice.
I'm trying to use OpenWRT to resurrect my Netgear Stora MS-2110 NAS, it essentially bricked its self because the UI that shipped with it was build on Flash. So its now dead, even though the fundamental hardware is perfectly serviceable for the application.
So far with the help of this forum and the OpenWRT platform... I'm tantalizingly close to success because I now have functioning firmware, and a partitioned RAID1 config up and running, and Samba fileshare broadcasting that other computers in my local network can see.
I'm not exactly sure what the problem is, but the situation is essentially:
1 - Computers can write files to the Samba share, they don't seem to get acknowledgement that the copy process has occurred successfully (so they hang), but I can SSH in and see that files have been created. 2 - I can also generate dummy files in the shared directories and the Windows & Linux PC's can see them near instantly
3 - I can not copy a file off the share drive to the remote pc. It hangs and doesnt appear to commence file copy
Notes - I don't understand how the permissions / user structures work in Samba Vs the rest OpenWRT and for now I dont have any users configured. I was hoping to start with the most simple config (no users / passwords) to validate the functionality.. and if it all works ok, I'll drop in some new large HDD's and do it again.
Should I be able to openly share files without user permissions set up? Is it likely user profile related, or something else? What config should I post to help diagnose the problem?
Your OpenWRT version and Samba version/packages installed. Also make sure your root samba share has full access aka 0777.
PS: Btw the default case is to allow guest read/write access, so no special user setup should be needed.
@Andy2244 FYI I'm trying to configure it all via the Luci UI, so I have not done any samba related config directly to the backend (other than a chmod to make sure root has open access to the partition.) The partition is located in: /mnt/md0/Dir1
Setup:
LuCI openwrt-21.02 branch (git-21.046.64947-cb0979f)
OpenWrt 21.02-SNAPSHOT r15818-c6319239d8
Samba 4.13.4
samba4-libs|4.13.4-1
samba4-server|4.13.4-1
samba4-utils|4.13.4-1
luci-app-samba4|git-21.046.64947-cb0979f
luci-i18n-samba4-ru|git-21.046.64947-cb0979f
And the template:
[global]
netbios name = |NAME|
interfaces = |INTERFACES|
server string = |DESCRIPTION|
unix charset = |CHARSET|
workgroup = |WORKGROUP|## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests. bind interfaces only = yes ## time for inactive connections to-be closed in minutes deadtime = 15 ## disable core dumps enable core files = no ## set security (auto, user, domain, ads) security = user ## This parameter controls whether a remote client is allowed or required to use SMB encryption. ## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer: ## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions. ## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer. ## (default/auto,desired,required,off) #smb encrypt = default ## set invalid users invalid users = root ## map unknow users to guest map to guest = Bad User ## allow client access to accounts that have null passwords. null passwords = yes ## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons) ## (tdbsam,smbpasswd,ldapsam) passdb backend = smbpasswd ## Set location of smbpasswd ('smbd -b' will show default compiled location) #smb passwd file = /etc/samba/smbpasswd ## LAN (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT) WiFi (SO_KEEPALIVE) try&error for buffer sizes (SO_RCVBUF=65536 SO_SNDBUF=65536) socket options = IPTOS_LOWDELAY TCP_NODELAY ## If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value. ## Note that it happens only for non-chained and non-chaining reads and when not using write cache. ## The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). ## (1/0) #aio read size = 0 #aio write size = 0 ## If Samba has been built with asynchronous I/O support, Samba will not wait until write requests are finished before returning the result to the client for files listed in this parameter. ## Instead, Samba will immediately return that the write request has been finished successfully, no matter if the operation will succeed or not. ## This might speed up clients without aio support, but is really dangerous, because data could be lost and files could be damaged. #aio write behind = /*.tmp/ ## lower CPU useage if supported and aio is disabled (aio read size = 0 ; aio write size = 0) ## is this still broken? issue is from 2019 (NOTE: see https://bugzilla.samba.org/show_bug.cgi?id=14095 ) ## (no, yes) #use sendfile = yes ## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained. #blocking locks = No ## disable loading of all printcap printers by default (iprint, cups, lpstat) load printers = No printcap name = /dev/null ## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's. disable spoolss = yes ## This parameters controls how printer status information is interpreted on your system. ## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ) printing = bsd ## Disable that nmbd is acting as a WINS server for unknow netbios names #dns proxy = No ## win/unix user mapping backend #idmap config * : backend = tdb ## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name. ## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals. ## (netbios, mdns) mdns name = mdns ## Clients that only support netbios won't be able to see your samba server when netbios support is disabled. #disable netbios = Yes ## Setting this value to no will cause nmbd never to become a local master browser. #local master = no ## (auto, yes) If this is set to yes, on startup, nmbd will force an election, and it will have a slight advantage in winning the election. It is recommended that this parameter is used in conjunction with domain master = yes, so that nmbd can guarantee becoming a domain master. #preferred master = yes ## (445 139) Specifies which ports the server should listen on for SMB traffic. ## 139 is netbios/nmbd #smb ports = 445 139 ## This is a list of files and directories that are neither visible nor accessible. ## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards. veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/ ## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes. delete veto files = yes################ Filesystem and creation rules ################
## reported filesystem type (NTFS,Samba,FAT)
#fstype = FAT## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it. #dos filemode = Yes ## file/dir creating rules #create mask = 0666 #directory mask = 0777 #force group = root #force user = root #inherit owner = windows and unix################################################################
mhh Snapshots with Samba4 and default settings should work with guest access out of the box for a default share, you can try enable "Force Root" mode in the UI settings.
Btw what filesystem are you using on the mount?
EXT4.
I had success by changing the create mask to 0777 from 0666. I don't understand why it works, but it works.
I suspected that things were being written with incorrect privileges to access them.
@Andy2244 have you by chance tried to set up a share for use with Apple time machine? I havn't had much luck getting it to work natively. I got it to work by creating an image file in a share, and mounting it within OS X but the performance was woeful (I realized what I had done as soon as the second backup started.. poor little Stora IO hasn't worked that hard ever I suspect).
There are Luci UI options specifically for this at the end of the share setup? Did you try create a second share and just enabling those options?
Yeah, I did, but time machine refused to recognize it as an option. I'm going to have another go with a few added settings I got from a friend.
Hi everyone,
I hope I am in the right place for questions on samba 4, but it seems that I should be 
So, I am trying to setup samba4 shares in OpenWRT and it seems pretty forward, but is not working, i.e. I cannot access from Windows 10 clients.
There was also an error message after installing
dbus[17202]: Unknown group "netdev" in message bus configuration file
Am I missing a package or why is it not working?
I setup a test share for /mnt/sdb1
config samba
option workgroup 'WORKGROUP'
option charset 'UTF-8'
option description '1'
config sambashare
option path '/mnt/sdb1'
option name 'sdb1'
option create_mask '0666'
option dir_mask '0777'
option read_only 'yes'
option guest_ok 'yes'
I then tried to simply enter \192.168.5.71 (IP of NAS) in the Windows Explorer but it cannot connect.
Clearly I am missing something :duh:
Thank you!
Alex
P.S.: I did not edit the template yet. Do I maybe need to edit something there? NAS is not broadcasting the share.
P.P.S.: As it is a NAS and not a router, I did not edit any firewall rules. Everything is still OpenWRT defaults.
Try \\192.168.5.71\sdb1, also try install the wsdd2 package and than check my problems sections here: https://github.com/Andy2244/openwrt-extra, especially try restart the Function Discovery Resource Publication windows service on your clients.
What filesystem do your use? You can also try chmod -R 0777 /mnt/sdb1 or try enable the force root option on the share.
PS: No, you should not need to edit the template.
I can see the server now that I switched to WORKGROUP.
However, I cannot access the server.
I tried mounting the network drive.
I tried \192.168.5.71
I tried \192.168.5.71\sdb1
I tried \192.168.5.71mnt\sdb1
I tried \192.168.5.71\sambashare
Nothing seems to work.
Filesystem is ext4.
Try create a share on /tmp just to make sure its not a filesystem/external problem and see if you can browse/mount this share.
Also what does net use H: \\192.168.5.71\sdb1 in a windows shell/powershell yields?
Could also be a interface problem, check the /etc/samba/smb.conf file and what interface is it trying to bind to and if this interface actually exists and is the correct one.
[global]
interfaces =
For testing only you could allow samba to bind to any interface via changing the template:
bind interfaces only = no
This is driving me mad.
Suddenly, and I don't know what I changed, one device is working and the other is not. Configs seem to be identical.
Now I wanted to check the packages and one system has 193 packages installed and the other 197. I would like to compare which packages are missing.
Is there a file that contains this information? I don't want to compare 197 lines one by one. 
So, after following your guide and googling some more and trying different stuff, I found that I had to manually set the credentials in Windows 10 via the user accounts.
I was not prompted on the second NAS but after adding it manually via user accounts, it worked immediately!
So thank you for your support and anybody facing a similar problem: check User Accounts - Manage your credentials and then add them manually.
Hi all, i recently updated samba to 4.14.5 and also WSDD2 for snapshots. I want to backport those into the 19/21 branches, but would like some extra feedback, so update and run some basic tests if you happen to run snapshots and give a quick "ok" if everything works.
I had some "hickups" with the new wsdd2 package and needed to increase the startup timeout, so something was not yet ready after a reboot on my system and i had to either manually restart the service or add a larger timeout.
thanks
In short while not as severe a flaw as non-link-local multicast, having a default configuration that listens on the WAN for traffic which is not blocked (no, really, try it), is a significant security flaw.
Dear,
I have two different issue with samba4.
First:
Samba version 4.14.7 on wrt1900acsv2 with openwrt 21.02.1
If I mount samba share with ubuntu onfstab with this command:
//192.168.1.1/MyDrive /media/MyMedia cifs guest,iocharset=utf8 0 0
When I copy largest file from ubuntu to sambashare, samba eat all the RAM and drop.
If I copy the same file with windows no issue at all, seems it's a cache issue.
[global]
netbios name = WRT1900ACS
interfaces = br-lan
server string = Linksys
unix charset = UTF-8
workgroup = WORKGROUP
## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests.
bind interfaces only = yes
## time for inactive connections to-be closed in minutes
deadtime = 15
## disable core dumps
enable core files = no
## set security (auto, user, domain, ads)
security = user
## This parameter controls whether a remote client is allowed or required to use SMB encryption.
## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer:
## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions.
## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer.
## (default/auto,desired,required,off)
smb encrypt = off
## set invalid users
invalid users = root
## map unknow users to guest
map to guest = Bad User
## allow client access to accounts that have null passwords.
null passwords = yes
## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons)
## (tdbsam,smbpasswd,ldapsam)
passdb backend = smbpasswd
## Set location of smbpasswd ('smbd -b' will show default compiled location)
#smb passwd file = /etc/samba/smbpasswd
## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT)
socket options = IPTOS_LOWDELAY TCP_NODELAY
## If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value.
## Note that it happens only for non-chained and non-chaining reads and when not using write cache.
## The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O).
## (1/0)
#aio read size = 0
#aio write size = 0
## If Samba has been built with asynchronous I/O support, Samba will not wait until write requests are finished before returning the result to the client for files listed in this parameter.
## Instead, Samba will immediately return that the write request has been finished successfully, no matter if the operation will succeed or not.
## This might speed up clients without aio support, but is really dangerous, because data could be lost and files could be damaged.
#aio write behind = /*.tmp/
## lower CPU useage if supported and aio is disabled (aio read size = 0 ; aio write size = 0)
## currently broken (NOTE: see https://bugzilla.samba.org/show_bug.cgi?id=14095 )
## (no, yes)
#use sendfile = yes
## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained.
#blocking locks = No
## disable loading of all printcap printers by default (iprint, cups, lpstat)
load printers = No
printcap name = /dev/null
## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's.
disable spoolss = yes
## This parameters controls how printer status information is interpreted on your system.
## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ)
printing = bsd
## Disable that nmbd is acting as a WINS server for unknow netbios names
#dns proxy = No
## win/unix user mapping backend
#idmap config * : backend = tdb
## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name.
## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals.
## (netbios, mdns)
mdns name = mdns
## Clients that only support netbios won't be able to see your samba server when netbios support is disabled.
#disable netbios = Yes
## Setting this value to no will cause nmbd never to become a local master browser.
local master = no
## (auto, yes) If this is set to yes, on startup, nmbd will force an election, and it will have a slight advantage in winning the election. It is recommended that this parameter is used in conjunction with domain master = yes, so that nmbd can guarantee becoming a domain master.
#preferred master = yes
## (445 139) Specifies which ports the server should listen on for SMB traffic.
## 139 is netbios/nmbd
#smb ports = 445 139
## This is a list of files and directories that are neither visible nor accessible.
## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards.
veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes.
delete veto files = yes
################ Filesystem and creation rules ################
## reported filesystem type (NTFS,Samba,FAT)
#fstype = FAT
## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it.
#dos filemode = Yes
## file/dir creating rules
#create mask = 0666
#directory mask = 0777
#force group = root
#force user = root
#inherit owner = windows and unix
################################################################
######### Dynamic written config options #########
[LinksysDrive]
path = /mnt/MyDrive
force user = root
force group = root
create mask = 0777
directory mask = 0777
read only = no
guest ok = yes
inherit owner = yes
vfs objects = io_uring
Second issue:
Samba version 4.14.7 on gl-inet GL300M16 and openwrt 21.02.1
If I try to transfer file and my linux user have a bad user and a password it can not write on sambashare. If I remove password all works, or if I remove both user and password.
Is there a way to map as guest all, user without a correct user and password?
I have same troubles with OOM when samba/ksmbd are crashing together with while device.
I am using Seagate GoFlex Net.
On 21.02.1, I tried samba4 and ksmb and both are eating to much memory which results in OOM.
On 19.07.8 same is happening with ksmb, so I tried samba36 and this is rock stable.
I tried to tune sizes of caches, read/write buffers but nothing helped for samba4/ksmb. So my solution for now is to downgrade to 19.07.8