I have a SMB share on a Linux host. To grant remote access to the share for a Windows user, one must create a new SMB user which has the same username, and same password as the Windows account.
i.e. to give access to Windows user winhost\calvin
I would run smbpasswd -a calvin
, and use the same password that winhost\calvin
uses. Then I would update smb.conf to something like
[myshare]
path = /home/lincoln/myshare
valid users = lincoln, calvin
read only = no
Once this is in place, calvin
can now see the share from Windows via UNC path \\<ip addr>\myshare
This works fine for named user accounts, but I can't figure out how to grant access to a Windows "local system" account, i.e. a machine account.
I have tried creating SMB users with names like WINHOST
and WINHOST$
with a blank password (local system accounts don't have passwords), but this doesn't seem to work.
When I try to access the share using the system account (via dir \\<ip addr>\myshare
) I get the error "The specified server cannot perform the requested operation".
What are the details of the SMB account and config that can make this happen?
I do not want to make the share public – this seems to be the only workaround I can find so far.
Best Answer
When not using a domain, the LocalSystem account can access network resources only with anonymous credential. In other words, it will not present named credential to the remote samba server.