Header Shadow Image


Samba on Mac OS and Win 10: Can’t mount SMB share, permission denied.

So you’re getting this:

permission denied

When trying to mount an SMB file share on a Mac OS or Win 10?  You’re likely running into the UPN limitation with users such as sam@domain.com.   Though this is a single user, the Mac OS CLI interprets this as a <user>@<host>  , which is not the case.  No escaping is possible using the @ sign, not even in passwords.

So you’ll need to use user maps to solve this one.  Keep reading.

[ Mac OS – Fails ]

[2020/02/21 00:03:16.960566,  5, pid=12382, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:126(make_user_info_map)
Mapping user [mds.xyz]\[joe] from workstation [SERVER-PBM]

[ Win 10 – Works ]

    [2020/02/20 23:58:01.059514,  5, pid=11929, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:126(make_user_info_map)
Mapping user []\[joe@mds.xyz] from workstation [JOHN-PC]

In fact, none of these worked either from a Mac OS book:

     5  mkdir samba
6  mount -t smbfs //joe@mds.xyz@192.168.0.125/NFS-joe samba
7  mount -t smbfs //mds.xyz\joe@192.168.0.125/NFS-joe samba
8  mount -t smbfs //joe\@mds.xyz@192.168.0.125/NFS-joe samba
9  mount -t smbfs //“joe\@mds.xyz”@192.168.0.125/NFS-joe samba
10  mount -t smbfs //192.168.0.125/NFS-joe samba
11  mount -t smbfs //192.168.0.125/NFS-joe samba -U “joe@mds.xyz”
12  mount -t smbfs //192.168.0.125/NFS-joe samba -u “joe@mds.xyz”
13  mount -t smbfs //192.168.0.125/NFS-joe samba -o user=“joe@mds.xyz”
14  mount -t smbfs //192.168.0.125/NFS-joe samba -o user=joe@mds.xyz
15  mount -t smbfs //192.168.0.125/NFS-joe samba -o rw,user=joe
16  mount -t cifs //192.168.0.125/NFS-joe samba -o rw,user=joe
17  mount -t smbfs //192.168.0.125/NFS-joe samba
18  id joe@mds.xyz
19  mount -t cifs //192.168.0.125/NFS-joe samba -o username=“joe@mds.xyz”
20  mount -t cifs //192.168.0.125/NFS-joe samba -o username=joe@mds.xyz
21  mount -t smbfs  //192.168.0.125/NFS-joe samba -o username=joe@mds.xyz
22  mount -t smbfs  //192.168.0.125/NFS-joe samba -o username=“joe@mds.xyz”,password=”<JOESPASS>”
23  mount -t smbfs  //192.168.0.125/NFS-joe -o username=joe,password=”<JOESPASS>”,domain=mds.xyz
24  mount -t smbfs  //192.168.0.125/NFS-joe -o user=joe,password=”<JOESPASS>”,domain=mds.xyz
25  smbclient -U joe@mds.xyz //192.168.0.125 -L //NFS-joe
26  mount -t -o username=joe@mds.xyz //192.168.0.125/NFS-joe samba
27  mount -t smbfs -o username=joe@mds.xyz //192.168.0.125/NFS-joe samba
28  mount -t smbfs -o user=joe@mds.xyz //192.168.0.125/NFS-joe samba
29  mount -t smbfs -o usr=joe@mds.xyz //192.168.0.125/NFS-joe samba
30  mount -t smbfs -o username=joe@mds.xyz //192.168.0.125/NFS-joe samba
31  mount -V
32  mount –version
33  mount -v
34  mount -t smbfs -o username=joe@mds.xyz //192.168.0.125/NFS-joe samba
35  mount_smbfs //joe@mds.xyz:<JOESPASS>@192.168.0.125/NFS-joe samba
36  mount_smbfs //joe@mds.xyz:”<JOESPASS>”@192.168.0.125/NFS-joe samba
37  ping 192.168.0.125
38  mount_smbfs //joe@mds.xyz:”<JOESPASS>”@192.168.0.125/joe@mds.xyz samba
39  mount_smbfs //“joe@mds.xyz”:”<JOESPASS>”@192.168.0.125/NFS-joe samba
40  mount_smbfs //joe:abc”@192.168.0.125/NFS-joe samba
41  mount_smbfs //joe:abc@192.168.0.125/NFS-joe samba
42  mount_smbfs //joe\@mds.xyz:”<JOESPASS>”@192.168.0.125/NFS-joe samba
43  mount_smbfs //joe’@’mds.xyz:”<JOESPASS>”@192.168.0.125/NFS-joe samba
44  mount_smbfs //mds.xyz\joe:”<JOESPASS>”@192.168.0.125/NFS-joe samba
45  mount_smbfs //mds.xyz\joe@192.168.0.125/NFS-joe samba
46  mount_smbfs //mds.xyz\joe@192.168.0.125/NFS-joe samba
47  mount_smbfs //mds.xyz;joe:@192.168.0.125/NFS-joe samba
48  mount_smbfs //mds.xyz;joe:”<JOESPASS>”@192.168.0.125/NFS-joe samba
49  mount_smbfs smb://mds.xyz;joe:”<JOESPASS>”@192.168.0.125/NFS-joe samba
50  mount_smbfs //joe:”<JOESPASS>”@192.168.0.125/NFS-joe samba
51  mount_smbfs //joe@mds.xyz:”<JOESPASS>”@192.168.0.125/NFS-joe samba
52  mount_smbfs //joe%40mds.xyz:”<JOESPASS>”@192.168.0.125/NFS-joe samba

Just to close this off. Finally got to trying username maps on the NFS server itself and sure enough it fixed this.

[global]
workgroup = SAMBA
security = user

passdb backend = tdbsam

printing = cups
printcap name = cups
load printers = yes
cups options = raw
log level = 4
max protocol = SMB3
min protocol = NT1
local master = no
realm = *
username map = /n/samba/user.map

# cat /n/samba/user.map
joe@mds.xyz = joe joseph
bob@mds.xyz = bob bobby
#

Line is:

mount_smbfs -d 5 //bob@nfs-c01.nix.mds.xyz/nfs-bob ./<MOUNT-POINT>

user: bob
pass: <PASS>

Works both on Windows 10 and Mac OS.

Cheers,
TK

Leave a Reply

You must be logged in to post a comment.


     
  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License