I have a SMB share on a Linux host. To grant remote access to the share for a Windows user, one must create a new SMB user which has the same username, and same password as the Windows account.
i.e. to give access to Windows user winhost\calvin I would run smbpasswd -a calvin, and use the same password that winhost\calvin uses. Then I would update smb.conf to something like
[myshare]
path = /home/lincoln/myshare
valid users = lincoln, calvin
read only = no
Once this is in place, calvin can now see the share from Windows via UNC path \\<ip addr>\myshare
This works fine for named user accounts, but I can't figure out how to grant access to a Windows "local system" account, i.e. a machine account.
I have tried creating SMB users with names like WINHOST and WINHOST$ with a blank password (local system accounts don't have passwords), but this doesn't seem to work.
When I try to access the share using the system account (via dir \\<ip addr>\myshare) I get the error "The specified server cannot perform the requested operation".
What are the details of the SMB account and config that can make this happen?
I do not want to make the share public – this seems to be the only workaround I can find so far.
Best Answer
When not using a domain, the LocalSystem account can access network resources only with anonymous credential. In other words, it will not present named credential to the remote samba server.