Yes, there is a "valid users = %S" line present in the smb.conf file.
When I comment it out, smbclient -L works as expected.
What i did:
1) Comment out "valid users = %S", see the diff:
> root@ubuntu:/etc/samba# diff -u ~/smb.conf.old smb.conf
> --- /root/smb.conf.old 2014-04-01 18:19:16.880909594 +0200
> +++ smb.conf 2014-04-01 18:19:40.065312095 +0200
> @@ -211,7 +211,7 @@
> # The following parameter makes sure that only "username" can connect
> # to \\server\username
> # This might need tweaking when using external authentication schemes
> - valid users = %S
> +; valid users = %S
>
> # Un-comment the following and create the netlogon directory for Domain Logons
> # (you need to configure Samba to act as a domain controller too.)
2) Restart samba:
> root@ubuntu:/etc/samba# service samba restart
3) Test the connectivity:
> root@ubuntu:/etc/samba# smbclient -L \\localhost -U ubuntu
> Enter ubuntu's password:
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.3-Ubuntu]
>
> Sharename Type Comment
> --------- ---- -------
> IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu))
> print$ Disk Printer Drivers
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.3-Ubuntu]
>
> Server Comment
> --------- -------
> UBUNTU ubuntu server (Samba, Ubuntu)
>
> Workgroup Master
> --------- -------
> WORKGROUP UBUNTU
There are a number of other options which IMHO are placed under [homes] but are commented in:
Here the full, unchanged default smb.conf file (read only, create mask, directory mask, valid users):
---------------------------- c u t ----------------------------
#======================= Share Definitions =======================
# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user's home directory as \\server\username
;[homes]
; comment = Home Directories
; browseable = no
# By default, the home directories are exported read-only. Change the
# next parameter to 'no' if you want to be able to write to them.
read only = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0700
# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.
# The following parameter makes sure that only "username" can connect
# to \\server\username
# This might need tweaking when using external authentication schemes
valid users = %S
# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
;[netlogon]
; comment = Network Logon Service
; path = /home/samba/netlogon
; guest ok = yes
; read only = yes
# Un-comment the following and create the profiles directory to store
# users profiles (see the "logon path" option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
;[profiles]
; comment = Users profiles
; path = /home/samba/profiles
; guest ok = no
; browseable = no
; create mask = 0600
; directory mask = 0700
[printers]
comment = All Printers
---------------------------- c u t ----------------------------
Also, i compared this with to the smb.conf from samba 2:4.1.6+dfsg-1 which i took from Debian Jessie and applied on my Ubuntu 14.04 "Ubuntu Trusty Tahr (development branch)". In this configuration, everything below "[homes]" is commented out.
Hi Robie,
Yes, there is a "valid users = %S" line present in the smb.conf file.
When I comment it out, smbclient -L works as expected.
What i did: /etc/samba# diff -u ~/smb.conf.old smb.conf
1) Comment out "valid users = %S", see the diff:
> root@ubuntu:
> --- /root/smb.conf.old 2014-04-01 18:19:16.880909594 +0200
> +++ smb.conf 2014-04-01 18:19:40.065312095 +0200
> @@ -211,7 +211,7 @@
> # The following parameter makes sure that only "username" can connect
> # to \\server\username
> # This might need tweaking when using external authentication schemes
> - valid users = %S
> +; valid users = %S
>
> # Un-comment the following and create the netlogon directory for Domain Logons
> # (you need to configure Samba to act as a domain controller too.)
2) Restart samba: /etc/samba# service samba restart
> root@ubuntu:
3) Test the connectivity: /etc/samba# smbclient -L \\localhost -U ubuntu
> root@ubuntu:
> Enter ubuntu's password:
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.3-Ubuntu]
>
> Sharename Type Comment
> --------- ---- -------
> IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu))
> print$ Disk Printer Drivers
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.3-Ubuntu]
>
> Server Comment
> --------- -------
> UBUNTU ubuntu server (Samba, Ubuntu)
>
> Workgroup Master
> --------- -------
> WORKGROUP UBUNTU
There are a number of other options which IMHO are placed under [homes] but are commented in:
Here the full, unchanged default smb.conf file (read only, create mask, directory mask, valid users): ------- ------- ------- c u t ------- ------- ------- ------- ======= ======= === Share Definitions ======= ======= ======= ==
-------
#======
# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user's home directory as \\server\username
;[homes]
; comment = Home Directories
; browseable = no
# By default, the home directories are exported read-only. Change the
# next parameter to 'no' if you want to be able to write to them.
read only = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0700
# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.
# The following parameter makes sure that only "username" can connect
# to \\server\username
# This might need tweaking when using external authentication schemes
valid users = %S
# Un-comment the following and create the netlogon directory for Domain Logons netlogon
# (you need to configure Samba to act as a domain controller too.)
;[netlogon]
; comment = Network Logon Service
; path = /home/samba/
; guest ok = yes
; read only = yes
# Un-comment the following and create the profiles directory to store profiles
# users profiles (see the "logon path" option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
;[profiles]
; comment = Users profiles
; path = /home/samba/
; guest ok = no
; browseable = no
; create mask = 0600
; directory mask = 0700
[printers] ------- ------- ------- c u t ------- ------- ------- -------
comment = All Printers
-------
Also, i compared this with to the smb.conf from samba 2:4.1.6+dfsg-1 which i took from Debian Jessie and applied on my Ubuntu 14.04 "Ubuntu Trusty Tahr (development branch)". In this configuration, everything below "[homes]" is commented out.
Cheers,
Raoul