SOLVED Truenas - Issues with SMB - seems to be limiting number of users

[tiftb]

Hello everyone,

I would like help with the following problem:
I have a TrueNAS installation, everything was working fine, all SMB shares, however, we need to add new users.
These new users have UID above 1051.

When trying to log in with such a user on Windows 10, it fails to login and returns the error "nt_status_no_such_user" in the log.
If I login with a user who has a UID less than 1051 on that same pc that was giving an error, he authorizes me and I can access the folders.

TrueNas or SMB seem to be limiting the number of users who can access the SMB service and sharing folders.

Has anyone ever had a problem like this, or know how to solve it?

Tanks
(P.s.: I'm Brazilian)

 

[anodos]

Hello everyone,

I would like help with the following problem:
I have a TrueNAS installation, everything was working fine, all SMB shares, however, we need to add new users.
These new users have UID above 1051.

When trying to log in with such a user on Windows 10, it fails to login and returns the error "nt_status_no_such_user" in the log.
If I login with a user who has a UID less than 1051 on that same pc that was giving an error, he authorizes me and I can access the folders.

TrueNas or SMB seem to be limiting the number of users who can access the SMB service and sharing folders.

Has anyone ever had a problem like this, or know how to solve it?

Tanks
(P.s.: I'm Brazilian)

What version is this?

 

[Samuel Tai]

Are you running Active Directory? On my system, I can authenticate SMB with a UID in the 3000 range.

 

[anodos]

Are you running Active Directory? On my system, I can authenticate SMB with a UID in the 3000 range.

I've done local auth close to max value of uid_t. It might be an error in passdb entry syncing.

 

[tiftb]

What version is this?

Current Train: TrueNAS-12.0-STABLE

Are you running Active Directory? On my system, I can authenticate SMB with a UID in the 3000 range.

I don't use AD, I add users through the NAS GUI

I've done local auth close to max value of uid_t. It might be an error in passdb entry syncing.

could you teach me how to fix this?

My smb.conf file

[global]
dns proxy = No
aio max threads = 2
max log size = 5120
load printers = No
printing = bsd
disable spoolss = Yes
dos filemode = Yes
kernel change notify = No
directory name cache size = 0
nsupdate command = /usr/local/bin/samba-nsupdate -g
unix charset = UTF-8
log level = 3 auth_json_audit:3@/var/log/samba4/auth_audit.log
obey pam restrictions = False
enable web service discovery = True
username map = /usr/local/etc/smbusername.map
username map cache time = 60
logging = file
server min protocol = NT1
restrict anonymous = 2
ntlm auth = Yes
client ntlmv2 auth = No
bind interfaces only = Yes
netbios name = truenas
netbios aliases =
server role = standalone
workgroup = WORKGROUP
idmap config *: backend = tdb
idmap config *: range = 90000001-100000000
full_audit:prefix = %u|%I|%m|%S
full_audit:success = rename unlinkat
full_audit:failure = none
full_audit:facility = LOCAL5
full_audit:priority = NOTICE
recycle:versions = TRUE
recycle:exclude = *.tmp, *.temp
recycle:maxsize = 10737418240
security = user
registry shares = yes
include = registry


But, "username map = /usr/local/etc/smbusername.map" is a empty file.

 

[anodos]

Remove all the auxiliary parameters from your SMB service config.

midclt call smb.synchonize_passdb -job should force a re-sync for passdb entries.

 

[tiftb]

Remove all the auxiliary parameters from your SMB service config.

midclt call smb.synchonize_passdb -job should force a re-sync for passdb entries.

output:
root@truenas[~]# midclt call smb.synchronize_passdb -job
Status: (none)
Total Progress: [########################################] 100.00%
null

After forcing the sync, all the users I had created are able to login.
But when I added user after this process, the login failed again.

every time I add a user would I have force sync?

 

[anodos]

output:
root@truenas[~]# midclt call smb.synchronize_passdb -job
Status: (none)
Total Progress: [########################################] 100.00%
null

After forcing the sync, all the users I had created are able to login.
But when I added user after this process, the login failed again.

every time I add a user would I have force sync?

Shouldn't, but depending on the context, the sync job may be backgrounded (i.e. wait a little while before testing).

 

[tiftb]

Remove all the auxiliary parameters from your SMB service config.

midclt call smb.synchonize_passdb -job should force a re-sync for passdb entries.

I removed the following auxiliary parameters from my SMB configuration:
recycle:versions = TRUE
recycle:exclude = *.tmp, *.temp
recycle:maxsize = 10737418240

I restarted the SMB service and tested adding new users... apparently the problem was in those parameters, as @anodos said.

issue fixed!!!

Tanks all.

 

[ncmarc]

I am having a similar issue, running the command: midclt call smb.synchonize_passdb -job

results in this:

Code:

[ENOMETHOD] Method 'synchonize_passdb' not found in 'smb'
Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/middlewared/utils/service/call.py", line 30, in _method_lookup
    methodobj = getattr(serviceobj, method_name)
AttributeError: 'CompoundService' object has no attribute 'synchonize_passdb'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 320, in on_message
    serviceobj, methodobj = self.middleware._method_lookup(message['method'])
  File "/usr/local/lib/python3.9/site-packages/middlewared/utils/service/call.py", line 32, in _method_lookup
    raise MethodNotFoundError(method_name, service)
middlewared.utils.service.call.MethodNotFoundError: [ENOMETHOD] Method 'synchonize_passdb' not found in 'smb'

 

[anodos]

I am having a similar issue, running the command: midclt call smb.synchonize_passdb -job

results in this:

Code:

[ENOMETHOD] Method 'synchonize_passdb' not found in 'smb'
Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/middlewared/utils/service/call.py", line 30, in _method_lookup
    methodobj = getattr(serviceobj, method_name)
AttributeError: 'CompoundService' object has no attribute 'synchonize_passdb'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 320, in on_message
    serviceobj, methodobj = self.middleware._method_lookup(message['method'])
  File "/usr/local/lib/python3.9/site-packages/middlewared/utils/service/call.py", line 32, in _method_lookup
    raise MethodNotFoundError(method_name, service)
middlewared.utils.service.call.MethodNotFoundError: [ENOMETHOD] Method 'synchonize_passdb' not found in 'smb'

You have typo.
midclt call smb.synchronize_passdb -job

 

[ncmarc]

Thanks!

I actually found out the issue, but not sure how to solve it. So yesterday I had enabled NFS and exported one directory that another server needed access to. Since I've done that, new users don't authenticate via SMB until I remove the SMB Share, then SMB works again.

Any thoughts? Should I make a new thread since I think this is a different issue?