24

Exact same question as this one, but using CLI instead of GUI.

I'd like to allow login access to a shared SMB directory, but the users get no other access to the server.

Community
  • 1
Foo Bar
  • 413
  • The question you refer to deals with guest access to samba, in other words everyone on the network has access to the share with no password. In your case, if that's what you want, what's the point of creating a special "user for samba only", if all have access anyway? – mikewhatever Oct 14 '14 at 15:04
  • As the other asker also said, I do want logins and passwords for the file share. – Foo Bar Oct 14 '14 at 15:05
  • Not sure what other asker you are talking about. See my answer below, hope it helps. – mikewhatever Oct 14 '14 at 15:19
  • Thanks. I was referring to: http://askubuntu.com/questions/152020/create-a-user-for-sharing-purposes-only#comment-184235 – Foo Bar Oct 14 '14 at 16:47

2 Answers2

56
  1. Create a user on the server:

sudo adduser --no-create-home --disabled-password --disabled-login sambausername

  1. Add that user to samba (you'll be asked to type a password):

sudo smbpasswd -a sambausername

  1. Create a share by editing /etc/samba/smb.conf. For example, you can add something like this to the bottom:

    [share name]
    comment = whatever
    path = /path to share
    browsable = yes
    read only = no
    guest ok = no

  2. Now is a good idea to restart samba:

sudo service smbd force-reload

  1. Go to the client machine and try to access the share with the username and password you've just set up.
mikewhatever
  • 32,638
  • 9
    --no-create-home --disabled-password --disabled-login This saved my day! Still helpful in 2017! – Stan Dec 05 '17 at 11:39
  • 2
    @Stan Thanks for the feedback, glad it was helpful. – mikewhatever Dec 05 '17 at 15:40
  • How do i use this user as a "valid users = ". For some reason this does not work? If i use the username of a user with a dashboard it will work. Otherwise it doesn't. – Myron Oct 04 '18 at 09:44
  • how can I do first step on centos? – Sollosa Mar 11 '19 at 11:03
  • maybe better: sudo adduser --no-create-home --disabled-password --disabled-login --gecos "" sambausername (where --gecos "" option to skip the chfn interactive part https://askubuntu.com/a/94067/828892 and uid < 1000 for hidden account https://askubuntu.com/a/22010/828892) – acgbox Nov 12 '19 at 21:10
8

With Active Directory (Samba 4.0+)

If you have Samba 4.x and it is connected to an Active Directory, you can use samba-tool to add a user to it:

samba-tool user add USERNAME-HERE

Please see Samba AD DC howto for more info

Answer Extracted from Cyberciti

To verify your Samba Version just user the command

samba -V

Example Output:

Version 4.3.11-Ubuntu
Paul
  • 697
  • 5
  • 9
André M. Faria
  • 7,204
  • Should this be the new accepted answer? – Pichan Feb 22 '17 at 12:59
  • 3
    Scratch that. Didn't work after all :/ Seems that samba-tool is for Active Directory. – Pichan Feb 22 '17 at 13:02
  • 4
    A Futher search shows that you need to config a Samba AD to use this feature. – André M. Faria Feb 22 '17 at 13:18
  • 1
    Maybe the AD requirement should be more prominent? – Joril Feb 28 '18 at 10:05
  • In samba 4.7, I'm seeing "samba-tool user add" marked as deprecated. It seems it's now "samba-tool user create" that should be used. I confirm this is working, now as said in previous comments, this is for adding a user to an AD environment, not to a simple SMB file server as asked. – Little Jawa Jul 16 '18 at 11:53
  • 3
    samba-tool is for Active Directory (AC) provisioning only https://askubuntu.com/a/490342/828892 – acgbox Nov 11 '19 at 22:06
  • I submitted an edit to clarify the AD relationship. – Paul Jan 06 '23 at 18:32