I am unable to access SMB shares from windows 11. I know there are tons of threads about this and I have read most of them. I think my user, smb and acl setups are all correct - but I am unable to authenticate.
‘midclt call smb.status AUTH_LOG | jq’
reveals this (also common) problem:
‘“status”: “NT_STATUS_NO_SUCH_USER”’
I’ve tried changing my password, but I’m unable to tell if it’s actually sticking.
I can’t confirm with pdbedit because for some reason my root user is not allowed to execute it (even with sudo)
The forum won’t let me post a link but I something similar at community/threads/samba-problem-with-create-user.98010/#post-676257
Per that post I want to try “removing /var/db/system/samba4/private/passdb.tdb and then re-syncing the users: midclt call smb.synchronize_passdb -job”
But my root account doesn’t have the juice for that either.
I’m a little afraid to delete this user - would that delete their userspace?
I figured out how to enable sudo for my root account and now I’m able to do a little bit more - but I’m still stuck. When I try to run midclt call smb.synchronize_passdb -job I get the following output (username redacted / changed to user1)
Total Progress: [________________________________________] 0.00%
[EFAULT] Failed to set NT password for user1: Username not found!
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/middlewared/job.py", line 355, in run
await self.future
File "/usr/local/lib/python3.9/site-packages/middlewared/job.py", line 391, in __run_body
rv = await self.method(*([self] + args))
File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/smb_/passdb.py", line 187, in synchronize_passdb
await self.middleware.call('smb.update_passdb_user', u)
File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1283, in call
return await self._call(
File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1240, in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/smb_/passdb.py", line 105, in update_passdb_user
raise CallError(f'Failed to set NT password for {username}: {setntpass.stderr.decode()}')
middlewared.service_exception.CallError: [EFAULT] Failed to set NT password for user1: Username not found!
The username not found is strange since I can see it in the www dash (and that’s where I created it)
I’ll put troubleshooting steps here in the hopes that this will be useful to someone else.
First I verified that my smbuser existed from a truenas bash terminal
getent passwd user1
and sudo pdbedit -L | grep user1
That wasn’t the problem - but is a good thing to double check.
I tried to make an SMB connection from the truenas shell, taking windows out of the equation.
smbclient -U user1 -L localhost
here I got NT_STATUS_LOGON_FAILURE
I deleted and remade the user from the terminal to wipe out any potentially corrupted password
sudo smbpasswd -x user1 # Remove user from passdb (ignore errors if not present)
sudo smbpasswd -a user1 # Add back and set password
sudo smbpasswd -e user1 # Ensure account is enabled
Still no luck… for me the problem was clear after running
testparm -s | grep -i "protocol"
where I saw server min protocol = NT1
TLDR
windows 11 doesn’t allow NT1. Make sure it’s not enabled! unchecking NTLM1 Auth and unchecking enable SMB1 support from the web smb settings UI fixed my problems.
