SIDENOTE: if your searching by cifs, you should instead search by smb or samba. Cifs is an older version of SMB. Samba is the linux version of smb that talks with smb (and cifs, the older version of smb)
By default when we go to \\ip\ in explorer (ip is the address of our samba server / NAS) windows will use our current windows login to access the NAS. What if you wanted to login as someone else? Well when you click on a share or go \\ip\ windows might popup a credential window asking for username (where you can also enter domain + username combo) and password. However if you already logged in, or windows remembered / cached your credentials – it might not ask again. So its useful to know how to change your session. Windows stores your connection to the samba server as whole in an IPC$ connection. So if we reconnect to the IPC$ with a different user, we will be able to see that users shares. I will use samba server / NAS interchangeably.
SIDENOTE: the admin user in the ReadyNAS can see every share and also every volume (thats the same admin user that you used to login to the GUI). So make sure your admin user has a very secure password. The ReadyNAS admin user for the GUI has the same password as the root user (used for SSH sessions, if you enabled SSH) and also the admin samba user. admin should not be confused with Administrator user (Windows domains and PCs have an “Administrator” user, not an “admin” user).
How to change user
Open up CMD in Windows. Windows+R, type cmd, ENTER key (DO NOT open up cmd as Admin user, because we need to have net use show us the current samba connections for the current user we are connected to in windows)
List your current samba connections that are mapped and also regular explorer connections that one connected with \\ip (those are usually listed as IPC$): net use
C:\Users\infotinks> net use New connections will be remembered. Status Local Remote Network ----------------------------------------------------------- OK \\10.10.10.10\IPC$ Microsoft Windows Network
Optionally close any explorer windows that you have to your NAS or Samba server. It doesnt matter though, as a refresh after changing use should be good
Make sure there are no connections to our NAS or Samba Severs IP with an IPC$. Here we see our NAS (10.10.10.10) with an IPC$ connection. So lets delete it (now we are no longer going to be connected)
Now delete that with: net use \\10.10.10.10\IPC$ /delete
Next connect up with a different user:
net use \\10.10.10.10\IPC$ /user:user1
that should prompt for password, if you want to enter it directly use this method:
net use \\10.10.10.10\IPC$ /user:user1 user1spassword
Check out the shares that user1 has access to with: net view <ip>
C:\Users\infotinks>net view 10.10.10.10 Shared resources at 10.10.10.10 mynas Share name Type Used as Comment ------------------------------------------------------ share1 Disk share2 Disk The command completed successfully.
Also you can see these stats with:
net use \\ip\share
net use \\ip\IPC$
C:\Users\infotinks>net use \\10.10.10.10\IPC$ Local name Remote name \\10.10.10.10\IPC$ Resource type IPC Status OK # Opens 0 # Connections 1 The command completed successfully.
How to expose your data volumes on a ReadyNAS?
If you use “admin” user on a ReadyNAS you will see a whole lot more than just your shares (including your data volume, which will contain your shares as well). on a ReadyNAS you can use a secret “admin” login to access and see the entire data volume (not just the shares. Make sure to use your admin password
net use \\10.10.10.10\IPC$ /user:admin
net use \\10.10.10.10\IPC$ /user:admin adminpassword
Open up explorer to \\10.10.10.10 and you will see all of your shares, and your home share (which contains all of the home folders), and you will see a share for each volume. So I see share1, home, data (data is my volume name). If I go into data (\\10.10.10.10\data) I will again see share1, home, and all of the folders and files that are on the root of the data volume.
The NAS makes shares like this:
share1 – /data/share1
user1 home share – /data/home/user1
data – /data
So if you go into data of course you will see “share1” again and you will see “home”
C:\Users\infotinks>net view \\10.10.10.10\ Shared resources at \\10.10.10.10\ mynas Share name Type Used as Comment ------------------------------------------ data Disk Volume 'data' home Disk Private user folders share1 Disk The command completed successfully.
- On a ReadyNAS the “admin” user & if joined to a domain the “Administrator” & “Domain Admins” users have full privileged view on the ReadyNAS, meaning they can see all of the shares, the home shares, and the data volumes. While guest (anonymous access, login not required / you can put in any username & password and get guest access), and everyone (everyone refers to all of the regular referenced samba users, so that can be your readynas local user database, or your active directory user database) only have access to view the shares they are allowed to see.
- If your logged in as a Domain Admin on your domain joined PC, you should be able to access the admin user view on ReadyNAS thats joined to the domain (not tested)
- If you have a username on your windows PC called admin with the same password as the ReadyNAS admin user then when you enter your NAS ip it should connect as admin adn you will see /data and /home and all of your shares.
- Windows only allows 1 connection by the same user. You have to disconnect all previous connections to the server or shared resource and try again (disconnect with net use \\ip\ /delete, or net use k: \\ip\share /delete)
You might see this error:
## connect to the NAS with admin credentials C:\Users\infotinks>net use \\10.10.10.10\IPC$ /user:admin myadminpassword some success message ## checking our connections to IPC C:\Users\infotinks>net use New connections will be remembered. Status Local Remote Network ------------------------------------------------------------ OK \\10.10.10.10\IPC$ Microsoft Windows Network The command completed successfully. ## Lets try to mount share1 to drive letter k: C:\Users\kostia>net use k: \\10.10.10.10\share1 /user:user1 System error 1219 has occurred. Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.
- you can’t map an IPC$ to a drive letter like this. think of IPC$ as the main user credential windows will use when you connect to your nas via \\ip\ or \\ip\share1
- you can disconnect/delete all connections to samba (including all mapped drives) with net use * /delete
- Map a drive with a different user with net use (more info: http://www.howtogeek.com/118452/how-to-map-network-drives-from-the-command-prompt-in-windows/). If you use /P:yes it makes it persistent
net use k: \\ip\share1 /user:user1 /P:yes
- Map a drive with a different user with GUI (right click and hit Map a Network drive, or google “how to map network drive in windows” – here is how you do it in windows 7, should be similar in all latest windows: https://help.lafayette.edu/samba/win7nondomain and https://oit-nb.rutgers.edu/documentation/remote-drive-mapping-samba/samba-remote-drive-mapping-windows-7)
- Use credential manager and it lets you change that IPC$ via a GUI. Basically you select a resource address which will be 10.10.10.10 or \\10.10.10.10\ and then a username and password. Then when you try to access anything in that address it will use your selected username and password. More on IPC$ https://en.wikipedia.org/wiki/Net_use and http://www.governmentsecurity.org/_/articles/hack-exploit-ipc-share.html and http://smallvoid.com/article/winnt-ipc-share.html