Bug 1317 - username@mydomain format authentication fails on non-domain member client
username@mydomain format authentication fails on non-domain member client
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: ntlm_auth tool
3.0.3
All Solaris
: P3 normal
: none
Assigned To: Andrew Bartlett
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-05-03 08:36 UTC by Jay Anderson
Modified: 2005-08-24 10:15 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jay Anderson 2004-05-03 08:36:33 UTC
A non-domain member client trying to connect to a share using credentials in
username@mydomain.com format will fail to authenticate. Samba appears to not
break the string into username and domain components, and instead tries to use
entire string as the username. Windows servers will authenticate this string
properly, and Samba 2.2.8a also authenticated it properly. Works properly if
Windows client is a domain member.
Comment 1 Stefan Metzmacher 2004-10-20 17:12:09 UTC
the domain must be an empty string
and the username can be:
administrator@w2k3.vmnet1.vm.base
or
administrator@w2k3

we should try to make it possible to set the users domain to an empty string
from the command line, but currently that fails:

bin/smbclient //w2k3-101/c$ -U "\\administrator@w2k3"

I have reproduced that with a smbclient for samba4 and this patch:


Index: client/client.c
===================================================================
--- client/client.c     (revision 3047)
+++ client/client.c     (working copy)
@@ -2758,7 +2758,7 @@
                return NULL;
        }

-       status = smbcli_session_setup(c, username, password, domain);
+       status = smbcli_session_setup(c, username, password, "");
        if (NT_STATUS_IS_ERR(status)) {
                d_printf("authenticated session setup failed: %s\n",
nt_errstr(status));
                /* if a password was not supplied then try again with a null
username */
Comment 2 Gerald (Jerry) Carter 2004-10-29 07:48:43 UTC
fixed for 3.0.8
Comment 3 Gerald (Jerry) Carter 2005-08-24 10:15:37 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.