I've managed to figure out how to make what I requested work and will post the instructions.

  1. First, you need to figure out what the username you need to add is. The easiest way to do this is to first add log level = 2 to smb.conf. Then start and enable the Samba service. Then connect to the Samba server using File Explorer on the Windows PC while logged into the relevant account (you don't have to open any shared directories). Then open the log file found at /var/log/samba/log.<ip address of Windows PC> and the required username will be noted there. You can now set log level to 0 if you want.
  2. Create a Linux account for the Samba user using the useradd command (or use an existing one if you prefer). You don't need to worry about passwords with this account but if you create a new account, you may want to block login on it. This account's username doesn't have to be the same as the name noted above but it would be easier if it was. This account's purpose is for the purpose of file permissions and for Linux to determine what files and directories the Windows user is allowed to access.
  3. Create a Samba user with the same name as the Linux account in step 2 using the smbpasswd command. Make sure the password assigned to this account is the same as the one used for the Windows account.
  4. If the Samba and Windows accounts don't share the same username, you will have to either add !<Samba user> = <Windows user> to smb.conf or add <Samba user> = <Windows user> to smbusers and username map = /etc/samba/smbusers to smb.conf.
  5. And that should be it. Be sure to set the valid users = option on any shares you want accessible only by your Windows account.
Answer from XJDHDR on askubuntu.com
🌐
Msry
tips.msry.org β€Ί home
How to Access Samba Shares on Windows 10 Without a Password – Tips and Advices For technology
Additionally, since the user does not need to remember a password, they can be sure that their data is safe from hackers and other malicious actors. Another benefit of accessing Samba shares without a password on Windows 10 is improved convenience. By eliminating the need to enter a password each time, users can quickly and easily access their data without having to remember a password or take the time to enter it.
🌐
YouTube
youtube.com β€Ί watch
windows tricks - mount samba server without username and password using command prompt - YouTube
------------------ Useful Links ------------------------------------Connect to Samba Share from Windows 10https://www.techrepublic.com/article/how-to-connect...
Published Β  December 14, 2021
Top answer
1 of 1
5

I've managed to figure out how to make what I requested work and will post the instructions.

  1. First, you need to figure out what the username you need to add is. The easiest way to do this is to first add log level = 2 to smb.conf. Then start and enable the Samba service. Then connect to the Samba server using File Explorer on the Windows PC while logged into the relevant account (you don't have to open any shared directories). Then open the log file found at /var/log/samba/log.<ip address of Windows PC> and the required username will be noted there. You can now set log level to 0 if you want.
  2. Create a Linux account for the Samba user using the useradd command (or use an existing one if you prefer). You don't need to worry about passwords with this account but if you create a new account, you may want to block login on it. This account's username doesn't have to be the same as the name noted above but it would be easier if it was. This account's purpose is for the purpose of file permissions and for Linux to determine what files and directories the Windows user is allowed to access.
  3. Create a Samba user with the same name as the Linux account in step 2 using the smbpasswd command. Make sure the password assigned to this account is the same as the one used for the Windows account.
  4. If the Samba and Windows accounts don't share the same username, you will have to either add !<Samba user> = <Windows user> to smb.conf or add <Samba user> = <Windows user> to smbusers and username map = /etc/samba/smbusers to smb.conf.
  5. And that should be it. Be sure to set the valid users = option on any shares you want accessible only by your Windows account.
🌐
Super User
superuser.com β€Ί questions β€Ί 1555588 β€Ί windows-10-mount-smb-share-without-credentials
Windows 10 Mount SMB Share without Credentials - Super User
After a few hours changing registry and group policy, I found a solution that works for me. Just use that command in the command prompt: net use x: \\server\share /user:"" ""
Top answer
1 of 5
36

OK, I have found an answer myself.

As this is absolutely not obvious from the docs and HOWTOs and whatever, the reason this thing asks for password is because it cannot map guest user to the owner of the directory being shared.

I have NTFS partitions which I need to mount RW so I used the following setup in my /etc/fstab:

/dev/sdb1  /media/disk1  ntfs defaults,noexec,noatime,relatime,utf8,uid=1000,gid=1000 0       2
/dev/sdb2  /media/disk2  ntfs defaults,noexec,noatime,relatime,utf8,uid=1000,gid=1000 0       2

The most important pieces of config are uid and gid (maybe only uid, don't know). They are set to the UID and GID of the user jonnie set up on the server (obviously not root). So, when ntfs-3g will mount these disks, everything will be owned by him.

After that, I have added this user to the Samba registry (or maybe created new identical one, don't care):

# smbpasswd -a jonnie

It asked for password, I have entered the same as for the main system.

After that, I have added the force user and force group settings to the smb.conf:

[global]
  workgroup = WORKGROUP
  netbios name = HOMESERV
  security = user
  map to guest = Bad User

[disk1]
  comment = Disk 1 on 400GB HDD
  path = /media/disk1
  browsable = yes
  guest ok = yes
  read only = no
  create mask = 666
  directory mask = 777
  force user = jonnie
  force group = jonnie

[disk2]
  comment = Disk 2 on 400GB HDD
  path = /media/disk2
  browsable = yes
  guest ok = yes
  read only = no
  create mask = 666
  directory mask = 777
  force user = jonnie
  force group = jonnie

So, most important piece of config relevant to me was force user.

Courtesy of the Samba HOWTO

2 of 5
6

The config can be shorter:

Create unix user jonnie

sudo useradd jonnie -s /usr/sbin/nologin

Create smbuser

sudo smbpasswd -a jonnie

Create the Linux directory to share

mkdir /mysmbshare

Change the owner of the directory to jonnie

sudo chown jonnie /mysmbshare

smb.conf

[global]
  workgroup = MyWorkGroup
  server string = Hello, use me
  security = user
  map to guest = Bad User
  guest account = jonnie
  passdb backend = tdbsam
  
[the_public_share]
   path = /mysmbshare
   writable = yes
   printable = no
   public = yes

All files are owned by jonnie and everyone has rw access to the files.

🌐
Windows 10 Forums
tenforums.com β€Ί network-sharing β€Ί 157449-access-samba-share-ubuntu-20-04-windows-10-without-smb-v1.html
Access Samba share on Ubuntu 20.04 from Windows 10 without SMB V1? - Windows 10 Help Forums
May 30, 2020 - Make sure you add the user you want to allow access Restart the smbd service ... \\IPADDRESS\folder\ You should get a prompt asking you to type in the username you setup followed by the password to access Samba from that user. This should work. If not it's definetly got something to do with ...
🌐
TechRepublic
techrepublic.com β€Ί home β€Ί open source
How to Connect to Linux Samba Shares from Windows
December 6, 2024 - Learn how to connect Windows 10 or 11 to Linux Samba shares, with step-by-step instructions for seamless file sharing and troubleshooting.
🌐
OneUptime
oneuptime.com β€Ί home β€Ί blog β€Ί how to access samba shares from windows, mac, and linux
How to Access Samba Shares from Windows, Mac, and Linux
March 2, 2026 - If you need to pass credentials without embedding the password in history, omit the password and Windows will prompt: ... If you get "Network path not found," verify the server firewall allows TCP 445 and UDP 137-138.
Find elsewhere
Top answer
1 of 2
4

I finally found the solution:

[global]
workgroup = WORKGROUP
netbios name = NAS
log file = /var/log/samba/log.%m
max log size = 1000
logging = file
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yes
[public]
path = /home/share
public = yes
guest only = yes
writable = yes
force create mode = 0666
force directory mode = 0777
browseable = yes

creates a share without any user/password login.

You can access it in Windows with \\NAS\public.

2 of 2
0

I use this. The script uses ACLs to gives all files in the directory to the Debian group "sambashare". This simplifies the exchange of files between local and remote users, because local and remote users can read and write all files in the directory.

mkdir /home/sambashare
chown nobody:sambashare /home/sambashare
chmod 2775 /home/sambashare

setfacl -R -dm u::rwx,g::rwx,o::r-x /home/sambashare
setfacl -R -m u::rwx,g::rwx,o::r-x /home/sambashare

cat >> /etc/samba/smb.conf <<EOF

[public]
   comment = Public Share
   path = /home/sambashare
   browsable = yes
   guest ok = yes
   read only = no
   create mask = 0664
   directory mask = 2775
   force create mode = 0660
   force directory mode = 2770
   force group = sambashare
   inherit acls = yes
   map acl inherit = yes
EOF

systemctl enable smbd
systemctl enable nmbd

usermod -aG sambashare localuser
🌐
Windows OS Hub
woshub.com β€Ί cannot-access-smb-network-shares-windows-10-1709
Can’t Access Shared Folders or Map Network Drives from Windows 10 and 11 | Windows OS Hub
March 16, 2024 - Thank-you Sir, turning on SMB Client in Windows 10 did the job perfectly for me, allowing me to access a samba share on a networked pi after hours and hours of checking config files and pulling my hair out πŸ™‚ Reply
Top answer
1 of 1
3

I had configured the share to not use a password

Samba does not actually support per-share passwords. This security model was used in the Windows 98 era, but was completely removed from Samba in 2012. (Meanwhile Windows NT/2000/XP series never had per-share passwords in the first place, they were account-based the whole time.)

All SMB security is now account-based (just like in SSH and other protocols) – you provide a username and password to log in to the SMB server, and then access to shares is granted depending on your user account.

so I believe that it wanted a password to connect to the Linux machine

That's almost right.

By default, Samba indeed uses the same system accounts as Linux itself does. The only difference is that the passwords are stored separately – Samba needs to store a NTLM-compatible password hash, as it cannot use the standard Linux hashed passwords.

This means that you must set a "Samba password" for your Linux user account before you can connect – use smbpasswd to do this on the Linux server:

sudo smbpasswd -a jonathan

(The Samba username always needs to match your Linux username in order for file permissions to work correctly, but the passwords can be different.)

I have set the necessary port access in UFW namely 137/udp, 138/udp, 139/tcp, and 445/tcp.

SMB runs over 445/tcp alone. (Unless your client is running Windows 95/98, which needs 139/tcp.)

Port 137/udp is used for LAN hostname resolution (NBNS) and port 138/udp is used for nearby computer discovery ('Computer Browser' service) – both are completely optional for SMB, and in fact both are NetBIOS-based services which most Windows 10 clients have disabled along with disabling SMBv1.

🌐
Endless OS
community.endlessos.com β€Ί english β€Ί help
Access SMB share without password - help - Endless OS Community
August 26, 2019 - How can I access a windows share that is setup without a password. Endless keeps asking me to put in credentials. How can I do this?
Top answer
1 of 2
2

So you have likely run into an issue with Windows 10 Pro and more recent versions, explictly protecting against the exact thing you are trying to do.

Windows by default does not allow accessing SMB services via what it views as insecure guest access. There are two ways to change this.

First, is a way to do this if you have already installed/enabled gpedit, which is tricky in Windows 10 Pro and not covered here:

Run: gpedit.msc
Go to: Local Computer Policy -> Computer Configuration -> Windows Settings -> Administrative Templates -> Network -> Lanman Workstation
Enable: "Enable insecure guest logons"

The other option is in the registry editor:

Run: regedit
Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation
Click: Edit -> New -> DWORD (32-bit) Value
Name it: AllowInsecureGuestAuth
Set value to: 1
Exit Registry Editor
Reboot

At this point, with either method, you should be able to see secured shares without a username and password. HOWEVER, please note there is no "guest" option when authenticating by default. So, it MAY still ask you for a username/password. If it does, enter in anything. It doesn't matter. When it fails, the server will use the 'map to guest' setting and fall back to the guest user and allow visibility.

Good luck and let me know if this works!

2 of 2
1

https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/guest-access-in-smb2-is-disabled-by-default

Guest access in SMB2 and SMB3 disabled by default in Windows

This article describes information about Windows disabling guest access in SMB2 and SMB3 by default, and provides settings to enable insecure guest logons in Group Policy. However, this is generally not recommended.

Original KB number: 4046019

Symptoms

Starting from Windows 10, version 1709 and Windows Server 2019, SMB2 and SMB3 clients no longer allow the following actions by default:

  • Guest account access to a remote server.
  • Fall back to the Guest account after invalid credentials are provided.

SMB2 and SMB3 have the following behavior in these versions of Windows:

  • Windows 10 Enterprise and Windows 10 Education no longer allow a user to connect to a remote share by using guest credentials by default, even if the remote server requests guest credentials.
  • Windows Server 2019 Datacenter and Standard editions no longer allow a user to connect to a remote share by using guest credentials by default, even if the remote server requests guest credentials.
  • Windows 10 Home and Pro are unchanged from their previous default behavior; they allow guest authentication by default.
  • Windows 11 Insider Preview Build 25267 Pro editions no longer allow a user to connect to a remote share by using guest credentials by default, even if the remote server requests guest credentials. All subsequent Windows 11 Insider Preview builds no longer allow a user to connect to a remote share by using guest credentials by default.

If you try to connect to devices that request credentials of a guest instead of appropriate authenticated principals, you may receive one of the following error messages:

  • You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.

  • Error code: 0x80070035 The network path was not found.

Also, if a remote server tries to force you to use guest access, or if an administrator enables guest access, the following entries are logged in the SMB Client event log:

Log Name: Microsoft-Windows-SmbClient/Security  
Source: Microsoft-Windows-SMBClient  
Date: Date/Time  
Event ID: 31017  
Task Category: None  
Level: Error  
Keywords: (128)  
User: NETWORK SERVICE  
Computer: ServerName.contoso.com  
Description: Rejected an insecure guest logon.  
User name: Ned  
Server name: ServerName 

Guidance

This event indicates that the server tried to log on the user as an unauthenticated guest but was denied by the client. Guest logons don't support standard security features such as signing and encryption. So, guest logons are vulnerable to man-in-the-middle attacks that can expose sensitive data on the network. Windows disables insecure (nonsecure) guest logons by default. We recommend that you don't enable insecure guest logons.

Cause

This change in default behavior is by design and is recommended by Microsoft for security.

A malicious computer that impersonates a legitimate file server could allow users to connect as guests without their knowledge. We recommend that you don't change this default setting. If a remote device is configured to use guest credentials, an administrator should disable guest access to that remote device and configure correct authentication and authorization.

Windows client and Windows Server haven't enabled guest access or allowed remote users to connect as guest or anonymous users since Windows 2000. Only third-party remote devices might require guest access by default. Microsoft-provided operating systems don't.

Resolution

Configure your third-party SMB server device to require a username and password for SMB connections. If your device allows guest access, any device or person on your network can read or copy all of your shared data without any audit trail or credentials.

If you can't configure your third-party device to be secure, you can enable insecure guest access with the following Group Policy settings:

  1. Open the Local Group Policy Editor (gpedit.msc) on your Windows device.
  2. In the console tree, select Computer Configuration > Administrative Templates > Network > Lanman Workstation.
  3. For the setting, right-click Enable insecure guest logons and select Edit.
  4. Select Enabled > OK.

For monitoring and inventory purposes, this group policy sets the following DWORD registry value to 1 (insecure guest auth enabled) or 0 (insecure guest auth disabled):

Key: HKLM\Software\Policies\Microsoft\Windows\LanmanWorkstation

Value: AllowInsecureGuestAuth

To set the value without using Group Policy, use the following registry value:

Key: HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters

Value: AllowInsecureGuestAuth

Note

As usual, the value setting in Group Policy will override the value setting in the non-Group Policy registry value. (Check both during investigation).

More information

This setting has no effect on SMB1 behavior. SMB1 continues to use guest access and guest fallback.

🌐
Garron
garron.me β€Ί en β€Ί go2linux β€Ί share-files-windows-linux-samba-no-password.html
How to share files with Windows using samba and no password
February 16, 2011 - [global] workgroup = MYGROUP server string = Samba Server security = share guest account = nobody log file = /var/log/samba.%m [Guest Share] comment = Guest access share path = /tmp/share/ browseable = yes read only = yes guest ok = yes Β· Be sure to use security = share so the Windows will ...
🌐
SambaWiki
wiki.samba.org β€Ί index.php β€Ί Setting_up_a_Share_Without_Authentication
Setting up a Share Without Authentication - SambaWiki
For details about setting up a share that users can access without authenticating, see Setting up Samba as a Standalone Server
Top answer
1 of 1
2

Basically, what I think I want but don't know how to do is to have Samba map any user that connects to a specific user on the server (I think it can be done with a user map file), and then additionally, which I haven't found out how to do, have it accept any password as valid (we have PCs with the same user account names and different passwords).

Both can be done using the same map to guest = bad user option in Samba, but unfortunately, "emulating" Guest access in this way is exactly what "Guest" access is in SMB.

One problem is that SMB servers do not receive passwords at all; they use NTLM when outside an AD domain and Kerberos within a domain. NTLM is a challenge/response protocol that additionally produces a session key to both peers, which SMB then uses to authenticate each packet (as well as the entire handshake in SMBv3 – this provides a form of MITM protection when negotiating the encryption key for SMBv3).

However, for challenge/response protocols like NTLM or CHAP to work properly, the server must already know the user's password (shared secret) – without it, the server cannot derive the NTLM session key from just the client's response alone (being able to do so would defeat the point of the protocol), and therefore cannot correctly 'sign' the SMB messages.

So the way "Guest" access in SMB works is that the server must indicate to the client, "Your credentials didn't work but I accepted you as guest anyway", so that the client would know to not require SMB message signing. If the server accepted arbitrary NTLM responses but didn't send the "Guest access" indication (if I'm reading the protocol docs right), this would result in the client failing to connect anyway.

In short, you cannot really emulate guest access without implementing actual guest access. Selecting map to guest = bad user means Samba has to indicate that this is a guest session.

(Although according to docs, only the Enterprise or Education editions of Windows 10 disables this by default, while Home/Pro does not – and if you do not have an AD domain, I think it's unlikely that you'll be using Enterprise...)


What you could do instead is the opposite: Windows does not require the logged-in user to be used for SMB – on failure it will prompt you for credentials (and will even let you save them), so you could use normal SMB authentication but create a single account with a password that everyone knows (write it next to your office Wi-Fi password). You can have a batch script to pre-save the password using cmdkey.

(This also works when accessing a domain-joined file server via Kerberos.)

🌐
Super User
superuser.com β€Ί questions β€Ί 1935095 β€Ί unable-to-access-samba-share-from-windows-10
Unable to access Samba share from Windows 10 - Super User
February 19, 2026 - [global] workgroup = WORKGROUP server string = Samba (%h) log file = /var/log/samba/log.%m max log size = 10240 logging = file panic action = /usr/share/samba/panic-action %d server role = standalone server obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
Top answer
1 of 1
10

As for this specific error message:

Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.

The problem here is that when a user on Windows first makes contact with a server it automatically passes that users' local login username. If you have a public share it remembers that it took that username successfully. When you try to connect to a private share and don't pass the exact same username and password, it thinks you are trying to access with another name.

Some workarounds:

1) Map the Windows user to the local Linux user - this is useful for Win10 users who log into their systems with a Microsoft account.

  • Create a file at /etc/samba/smbusers

  • Map the local Linux user to the Windows user by adding the conversion to the file. For example:

luci = [email protected]
john = "John Smith"
  • Then add a reference to the map in /etc/samba/smb.conf in the [global] section:
username map = /etc/samba/smbusers
  • Finally restart smbd: sudo service smbd restart

2) Make another connection to the Linux server

Windows can address a Linux server in two (three in Win10) different ways. By hostname, by ip address, or by mDNS name (Win10 only):

\\ubuntu\Protected
\\192.168.0.100\Protected
\\ubuntu.local\Protected

Even though all of these point to the same machine, Windows sees them a three separate hosts.

3) Map the "network drive"

When mapping a drive, select the "connect using different credentials" option.