smb.conf (slightly edited): [global] client lanman auth = no client NTLMv2 auth = yes client plaintext auth = no client use spnego = no create mask = 0644 encrypt passwords = yes guest account = smbguest kernel change notify = no log level = 1 map archive = no name resolve order = wins hosts bcast netbios name = server1 password server = * security = domain server signing = auto server string = socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=32768 SO_RCVBUF=32768 strict locking = no username map = /usr/local/samba/lib/username.map utmp = yes wide links = no wins server = XXX.XXX.XXX.XXX workgroup = OURDOMAIN [share1] browseable = no path = /spare/share valid users = unixuser1 unixuser2 smbguest write list = unixuser2 username.map: !unixuser2 = domainuser_2 domainuser_3 !unixuser1 = domainuser_1 smbguest = * Reproducing the symptom: - map share1 as any domain user - in Windows Explorer (Win2k SP4), right click on any file in share1 and select 'Properties' - click 'Security' tab - file owner is ALWAYS shown as 'smbguest (SERVER1\unixfileowner)' - file group is shown (correctly) as 'unixfilegroup (SERVER1\unixfilegroup)' Further Information: I have discovered that if 'unixfileowner = unixfileowner' is added to username.map the file owner is shown correctly as 'unixfileowner (SERVER1 \unixfileowner)'. Samba 2.2.8a displays the file owner correctly without modifying username.map. Speculation: After adding a few well placed debugs it appears that when Samba is populating the Name field of the Security tab the function 'local_lookup_name' calls the function 'map_username' with 'unixfileowner' as the argument. In the unmodified username.map file 'unixfileowner' can never match any RHS and consequently falls through to the wildcard entry.
*** Bug 1948 has been marked as a duplicate of this bug. ***
Domain users have to be fully qualified in all configuration files from 3.0.8 onwards. Details are described in the release notes.