How to create a user account with Terminal in Samba

sudo smbpasswd -a <username>

Add that username to the smbusers file.

sudo gedit /etc/samba/smbusers

Add in the following line, substituting the username with the one you want to give access to. The format is <ubuntuusername> = “<samba username>”. You can use a different samba user name to map to an ubuntu account, but that’s not really necessary right now.

<username> = “<username>”

Now you can create samba shares and give access to the users that you listed here.

Creating folders and adding to user accounts in terminal

Create a new directory and assign user as the leader, you might want to change the shown statement to make them owner.
mkdir /home/<username>-files
chgrp <username> /home/<username>-files
chmod 0770 /home/<username>-files

-- MaryWillette - 2012-04-22

How do I set permissions to Samba shares with the config file?

Samba Basic permissions are as follows (configuration file is smb.conf [/etc/samba/smb.conf]):

  • read only: This parameter controls whether an user has the ability to create or modify files within a share. This is default.
  • guest ok: Uf this parameter is set to yes, the users will have access to the share without
    having to enter a password. This can pose security risk.
  • writeable: Specifies users should have write access to the share.
You can create the share called helpfiles with read only permission
path = /usr/share/docs
read only = Yes

You can create the share called salesdoc with write permission
path = /home/shared/sales
writeable = Yes

You can also create a list of users to give write access to the share with write list option. For example allow rocky and tony to write to the share called sales:
path = /home/shared/sales
write list = rocky tony

You can use following options

  • read list: This option accepts a list of usernames or a group as its value. Users will be given read-only access to the share.
  • valid users: You can make a share available to specific users. Usernames or group names can be passed on as its value.
  • invalid users: Users or groups listed will be denied access to this share.

How to create user accounts through the web GUI

1. System>Users and groups

2. Create New User

3. Add user name and password then click Create

4. Go to Servers>Samba Windows File Sharing

5. Click Convert Unix users to Samba Users

6. Once we've done this we should configure the password for this user. The password for accessing the server via Samba can be the same as the one used to access the server via Putty but we still need to complete this step regardless. So, on the Samba Windows File Sharing screen click Edit Samba users and passwords and then click on the user we've just created. Then check the New password option and enter the required password. Then click Save.

7. Now re-start Samba via the Samba Windows File Sharing screen by clicking on the Restart Samba Servers button. We should now be able to access those files and folders on our server for which we've given permission to this new user.

Creating folders and adding to user accounts in the web GUI

So back to Webmin and go to Servers -> Samba Windows File Sharing click on Create a new file share and give the Share the same name as the user account. Click on the Directory to share button and navigate to/home/YourUserName/testfolder. Click OK, change the Create with owner to the user we've just created by clicking on the button next to the field and choosing the new user.

Change the Create with group to be "users" and click the Create button. Now click on the Share Name you just created and then click on the Security and Access Control icon. Select Writable? Yes, and under Valid users click the button and select the user you just created. Then click the Save button.
This new user has read and write access to this "networked folder" (). Obviously for read-only access you'd select "Writable? No"

How to create users by batch file

System>Users and Groups>Run Batch File

Choose to upload the txt file with the list of users.

Execute batch

Your file must contain one line of text for each user that you want to create, and the format of each line must match the format shown on the batch file page.

The batch file execution form

The exact file format depends on what information your system stores about each user, but on most systems each line must follow the format :


An example line to create a user with the user ID automatically assigned by Webmin would be :

create:jcameron:mysecret::3001:Jamie Cameron:/home/jcameron:/bin/bash:::::

The line is made up of a series of fields, each separated by a colon : with NO SPACES. Even spaces after the last colon will create an error.

You can find the GID or Group ID by System>Users and Groups>Local Groups tab. This will list the groups and the ID number associated with them.

The meanings of the other fields are:

username The users login name. This cannot be left blank.
passwd The users password. If this field is left blank, then no password will be needed for the user. If it contains just the letter x , then the user will be locked and no login allowed.
uid User ID for the new user. This should generally be left blank, so that Webmin can assign one automatically.
gid ID of the users primary group. This cannot be a group name, and cannot be left blank. If more than one GID is entered, the user will be added as a secondary member to all of those after the first as well.
realname The users real name. Should not be left blank, but not actually mandatory.
homedir A directory that will be created and its ownership assigned to the user. You can leave this blank if the module has been configured to assign home directories automatically.
shell The users login shell. This field cannot be left blank.
min The number of days since the user was created or the password last changed that the user must wait before changing it again. Can be left blank to allow changing as soon as the user likes.
max The number of days after the user was created or the password last changed that the password expires and must be changed. If left blank, the password will never expire.
warn The number of days before the password expiry date that the user will be warned at login that his password is about to expire. If left blank, the user will not know that his password has expired until it happens.
inactive The number of days after the password expires that the entire account will be disabled, if the user has not chosen a new password. If left empty, the account will never expire.
expire The date on which this account will expire. Unfortunately, you must enter this as a number of days since the 1st of January 1970!

After clicking the Execute batch button a page displaying each user created and any errors encountered will be displayed. The most common error is a missing field in one of the lines - each must have exactly the right number of fields, and even if a field is blank the colon separator next to it must still be included.

After adding a list of users by batch you will still need to go and individually add folder permissions.

Topic revision: r1 - 2012-04-22 - MaryWillette
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback