samba and windows 8.1 login

Hi again. Two samba questions in one day :slight_smile:
Using Samba client/server 4.1.6-3.18.1 x86_64

This one concerns my connecting from a windows 8.1 machine to my shared folder on the openSUSE machine. Though I have no problem with the connection, I get this error in the log.smbd file|:

“check_ntlm_password: Authentication for user [sparkz_alot@msn.com] -> [sparkz_alot@msn.com] FAILED with error NT_STATUS_NO_SUCH_USER”

Since you can’t create a user with the “@” symbol, how have you you folks solved this situation?

Here is my conf file should you need it:

# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
[global]
    max log size = 50
    log level = 3
    map to guest = Bad User
    public = Yes
    write raw = no
    local master = Yes
    read raw = no
    debug timestamp = Yes
    debug level = 2
    security = user
    logfile = /var/log/samba/%m.log
    workgroup = LOCAL
    passdb backend = tdbsam
    name resolve order = bcast hosts lmhosts wins
    os level = 65
    server string = Samba Server
    netbios name = lenovo
#[homes]
#    comment = Home Directories
#    valid users = %S, %D%w%S
#    browseable = No
#    read only = No
#    inherit acls = Yes
#    guest ok = Yes

## Share disabled by YaST
# [profiles]
#    comment = Network Profiles Service
#    path = %H
#    read only = No
#    store dos attributes = Yes
#    create mask = 0600
#    directory mask = 0700

#[users]
#    comment = All users
#    path = /home
#    read only = No
#    inherit acls = Yes
#    veto files = /aquota.user/groups/shares/
#    guest ok = Yes

## Share disabled by YaST
# [groups]
#    comment = All groups
#    path = /home/groups
#    read only = No
#    inherit acls = Yes

## Share disabled by YaST
# [printers]
#    comment = All Printers

; path = /var/tmp
; printable = Yes
; create mask = 0600
; browseable = No
## Share disabled by YaST
# [print$]
#    comment = Printer Drivers
#    path = /var/lib/samba/drivers
#    write list = @ntadmin root
#    force group = ntadmin
#    create mask = 0664
#    directory mask = 0775

[shared]
    comment = shared folder
    path = /export
    read only = No
    guest OK = Yes

btw, right now it just defaults me to “nobody”, which is rather insulting :slight_smile:

Thanks

It is looking to authenticate user sparkz_alot on msn.com

So this is a Windows 8?? if so yes it tries to authenticate on msn.com MS wants to know when you log into the OS LOL

Did you setup a MSN account? Windows 8 seems to want you to :wink:

Thanks gogalthorp,
Yes my ‘remote’ (about 2 feet) machine is running windows 8.1, the server is on openSUSE 13.1. On the windows 8.1 machine, the user login is sparkz_alot@msn.com. I can imagine why MS chose to use an email address for a login, however it’s creating a problem as far as samba and linux also are concerned, since you can’t create a local user that includes the “@” symbol. Maybe an ‘alias’ somewhere?

No clue I don’t touch Win 8 just know they want you to have a MSN account

Add a nw user to Win 8 and maybe you can trick it not to use MSN

On 6/13/2014 12:16 PM, sparkz alot wrote:
>
> gogalthorp;2648799 Wrote:
>> It is looking to authenticate user sparkz_alot on msn.com
>>
>> So this is a Windows 8?? if so yes it tries to authenticate on msn.com
>> MS wants to know when you log into the OS LOL
>>
>> Did you setup a MSN account? Windows 8 seems to want you to :wink:
>
> Thanks gogalthorp,
> Yes my ‘remote’ (about 2 feet) machine is running windows 8.1, the
> server is on openSUSE 13.1. On the windows 8.1 machine, the user login
> is sparkz_alot@msn.com. I can imagine why MS chose to use an email
> address for a login, however it’s creating a problem as far as samba and
> linux also are concerned, since you can’t create a local user that
> includes the “@” symbol. Maybe an ‘alias’ somewhere?
>
>
sparkz;

You can add a line in /etc/samba/smbusers of the form:


linux_name = windows_name1 windows_name2 <etc.>
e.g.
sparkz = sparkz_alot@msn.com

This maps windows name(s) to a linux name. You may also need to add this parameter to the [global] section of:
/etc/samba/smb.conf.


username map = /etc/samba/smbusers

( I don’t recall the default value the “username map” parameter on openSUSE. But you can check if it is necessary to add
the above parameter to your smb.conf with:


testparm -vs | grep "username map"

)

P.V.
“We’re all in this together, I’m pulling for you” Red Green

venzkep
Once again you are spot on. For the sake of clarity though, I will add to your instructions:


linux_name = windows_name1 windows_name2 <etc.>
e.g.
sparkz = sparkz_alot@msn.com
 

the “linux_name” has to be an actual user and a samba “user” (added with the smbpasswd linux_name).

Now my custom logs (thanks again for that) now show an actual user rather than ‘nobody’

Many thanks for the great advice to both my questions.

On 2014-06-13 19:26, gogalthorp wrote:
>
> No clue I don’t touch Win 8 just know they want you to have a MSN
> account
>
> Add a nw user to Win 8 and maybe you can trick it not to use MSN

Yes, you can configure Windows 8 not to use MSN. The default is to use
it, and they don’t easily tell you how to do without. But it is
possible, in fact easy, I have been told.

I don’t know how, I don’t use W8. Even if I read the instructions, I
would forget soon for lack of use.

If I were using W8, I would certainly create fully local users, never
tell MSN when I log or allow them to authenticate me in my own computer.


Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

On Sat 14 Jun 2014 02:18:06 PM CDT, Carlos E. R. wrote:

On 2014-06-13 19:26, gogalthorp wrote:
>
> No clue I don’t touch Win 8 just know they want you to have a MSN
> account
>
> Add a nw user to Win 8 and maybe you can trick it not to use MSN

Yes, you can configure Windows 8 not to use MSN. The default is to use
it, and they don’t easily tell you how to do without. But it is
possible, in fact easy, I have been told.

I don’t know how, I don’t use W8. Even if I read the instructions, I
would forget soon for lack of use.

If I were using W8, I would certainly create fully local users, never
tell MSN when I log or allow them to authenticate me in my own computer.

Hi
On my windows 8 (well now 8.1) from a default factory re-install it
only creates a local account, but this is the method to use AFAIK;
http://www.hanselman.com/blog/HowToSignIntoWindows8Or81WithoutAMicrosoftAccountMakeALocalUser.aspx


Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE 13.1 (Bottle) (x86_64) GNOME 3.10.1 Kernel 3.11.10-11-desktop
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

Thanks for the link. I actually found my solution in the comments section. And I heartily agree with the author- beware of what your doing. It will definitely mess up many of the apps. All the more reason I’m taking the time and effort to learn Linux.

lol, I totally agree except MS doesn’t. For the moment I have to retain a MS machine so I have to find , hmm ‘solutions’ lol!. But then again, don’t we basically do the same thing every time we turn on our cell phones? Might be a good topic for General Chat :slight_smile:

On 6/14/2014 8:16 AM, sparkz alot wrote:
<snip>
>
>
> the “linux_name” has to be an actual user and a samba “user” (added with
> the smbpasswd linux_name).
>
> Now my custom logs (thanks again for that) now show an actual user
> rather than ‘nobody’
>
> Many thanks for the great advice to both my questions.
>
>
sparkz;

Glad to see you have both problems sorted out. Also note that life is smoother if the password you create with
smbpasswd is the same as the Windows password. This need not be the Linux login password. By default Windows will pass
the Windows name and password to the server.

Another possible solution to your login problem was to tell Windows to send a different name and password. I’m not sure
where that is on 8.1, but on earlier versions it was in the “User Account” panel of the “Control Panel”. At the moment
I do not have a Windows 8.x machine to check on, but I’m sure it is in the same spot as earlier versions.


P.V.