Samba config for local network share?

I am facing permission problems with Samba shares created via GUI in ZorinOS 17. On a fresh install I followed the same procedure as I am used to when setting up local network shares in Ubuntu 22.04, yet the permissions do not allow me to browse these network shares from other computers.

Generally speaking, I am confused by the permissions and ownership of Samba shares created via GUI as I usually handle Samba shares in server environments (professionally, even as drop-in replacement for Win AD in Domain Controller role). I have honestly no clue where Zorin saves the configuration of shares created by the Nautilus dialogues and as far is I can tell my /etc/samba/smb.conf seems to be completely unaffected by GUI operations.

Scenario A: User Bob wants to access Alice's computer, browsing the folder shareBob in home/alice/Public/. Bob has a Samba password, but no UNIX user account. The Samba share has permissions alice:alice 777, it requires authentication (thus no guest ok = yes) but is inaccessible.

Scenario B: The same Samba share now is set to accept guest access. Bob tries to browse the folder as a guest and frantically clicks on the share, but receives the same permission error. Bob now desperately enters his password again, but to no avail. No nasty pictures educational materials for you, Bob.

Scenario C: The Samba share still has ownership alice:alice, but now Bob has an entry in /etc/passwd, so no need for 777, but this time it is 770. Bob still can't browse the folders. Setting permissions back to 777 doesn't do anything either.

Scenario D: Setting ownership to alice:sambashare, hoping to let Bob browse the content of the folders. $ sudo usermod -aG sambashare bob doesn't do anything, sudo smbpasswd -a or -e don't have any effect either.

Now... I am puzzled. When I do the same on plain Ubuntu 22.04 it's a matter of one minute to enable guest access through the local network. Which secret magic happens in the background when creating or altering shares via GUI? I am clueless. I have tried every possible combination of folder ownership, permissions, whatsoever, UFW is down, I even restarted several times after changing permissions but always the same result.

Image related ... that's me when configuring shares in a GUI. I am about as smart as this dude.

Can you take a look at this thread? I think it may be the same issue.

Yes, it is a similar issue. The problem here is that - as I had taken the same approach for testing purposes - this user created a POSIX account, which somehow corrupts the idea of Samba in general. The core idea of Samba is not to have a POSIX account on the host machine for each user accessing the shares, thus also the guest account (served by avahi). After all, I had tried that before but it made no difference either. There seems to be a significant difference between Zorin 16 and 17.

If I knew where the user generated config is stored, I could at least check that and find out what is going on. Logs also didn't give me any hint.

These should be stored under /var/lib/samba/usershares. But I'm not sure why it's not working in this case, there may be an underlying dependency missing on ZorinOS. I'll give it a try later today if I can.

I have checked the usershares config in /var/lib/samba and compared that to the existing shares on the Ubuntu 22.04 machin3. There is no difference; the configuration is quite short anyway.

comment=Shared with Bob

I have also tried to deactivate the Sharing option in the regular settings menu, but it makes no difference either. Logs only show me there is no unix account when having removed the unix user while keeping him in the smb database, but no further information for when there is both a unix and a smb account. Also, with unix and smb user in place, the Nautilus diaologue doesn't return an error message upon entering username and password for browsing the share, the window to either login as anonymous or as a registered user just shows up again. No notice given about guest login attempt in the logs, but at least an error message in Nautilus (permission denied).
At the moment I do not know where to look at. Checking for packages with dpkg --get-selections | grep samba (or smb) lists the same on both computers.

I guess that's the price we pay for convenience; having a nice frontend instead of editing via CLI of course is preferrable, but then it adds another layer of complexity. Anyway, I keep digging and posting my advance on the journey of getting usershares set up.

Interesting. I tried to open that share from the same computer as the user who created the share, but through other locations → Windows Network → Public → bobShare and got a permission denied error message as well.