That gave me read and write access to /mnt/dump even from a Windows machine. (Actually I don't know how to get to it from Linux yet.)
To get read and write access as a name user, I thought all I had to do would be to enter 'root' for 'allowed users' and uncheck 'allow guests' (in LuCI) so that the config looks like (in relevant portions):
option guest_ok 'no'
option users 'root'
But that did not work (login was refused, never mind read or write). I even created a non-root user (on the thought that root may be subject to a special prohibition), but that made no difference.
Questions: What do I need to modify (in LuCI or the config file) so as to have read and write access as a named user (whether root or non-root)?
Or maybe I have to do something different on the Windows side? One thing that bothered me was that the Windows prompt for credentials would insist on the user being e.g. Windows-Machine-Name\root (or equivalently the 'domain' being Windows-Machine-Name). Maybe the username I am sending to ksmbd is not 'root' but some complex thing including the 'Windows-Machine-Name'?
Now add that user as a valid smb (ksmb) user (same for samba4 via smbpasswd tool):
opkg install ksmbd-utils
ksmbd.adduser -a smbuser
Now add the smbuser to the allowed ksmb users list via luci or uci config for your share.
Under windows you can check/manage/add smb logins via the credential manager.
Reminder: Use the password from the ksmbd.adduser process not the linux user password, to connect to your share.
PS: Now you also need to ensure that the linux smbuser has valid access to the shared dir/files.
Also a trick i often use, is to use my windows Login/PW for the Linux smb user, this way it gets automatic login, since the name/pw match.
Yes. Space worked. I just had to reboot the Windows machine after trying each allowed user. None of the commands to clear the cache on Windows worked (e.g. net use * /DELETE did not work). Thank you. Also leaving this remark for anyone landing on this page.
Also for anyone landing on this page, adduser smbuser in one of Andy2244's comments should be useradd smbuser.