Issue accessing Samba when using Active Directory

A little help out there for anyone else that may have come across this problem…

When accessing a remote Samba share (e.g. on a non-trusted Domain), the Samba file server rejects your credentials, even though you know they are correct. When you look in the Samba error log, you see a message like this:

[2012/03/27 10:01:22, 0] lib/util_sock.c:read_data(534)
read_data: read failure for 4 bytes to client Error = Connection reset by peer

There’s a couple of potential issues. First off, try adding the following to your smb.conf file (assuming you’re using Samba v3 or above):

client ntlmv2 auth = yes

If this doesn’t work, check to see what security you’re using. If you’re using ADS for security¬†(Windows Active Directory), you’ll see the following line in smb.conf:

security = ADS

In my case I was trying to access a Samba source on a remote, non-trusted Domain, and when entering login details I entered the username in the Windows NT format e.g. COMPANY-DOMAIN\username.

Even though the credentials were correct, the Samba server would reject the credentials and the Samba error log had the message as above.

The fix for this is really easy, but hard to find on the Internet (hence why I’m posting this article) – enter your username in the LDAP/ADS format of username@domain.tld (e.g. fred.bloggs@company.local). The combination of both fixes in this post should help you gain access to that problematic Samba server.

Comments are closed