I have some Problems with using samba shares from Win2k-clients. After a sucessful connection the user suddenly wents away and I get mapped tu user guest after some mapping attempts for the empty [] user. After reconnection to the share all is fine again for a while. The samba is running with security=domain and gets the users from a NT4 PDC via winbind. This works fine so far. I can get the users and groups via wbinfo and I can see sucessful mappings in the logs like this: [2005/04/19 16:01:48, 5] auth/auth_util.c:debug_nt_user_token(490) NT user token of user S-1-5-21-1455562967-1866484775-1788637320-1002 contains 23 SIDs SID[ 0]: S-1-5-21-1455562967-1866484775-1788637320-1002 SID[ 1]: S-1-5-21-1455562967-1866484775-1788637320-1525 SID[ 2]: S-1-1-0 ... SE_PRIV 0x0 0x0 0x0 0x0 [2005/04/19 16:01:48, 5] auth/auth_util.c:debug_unix_user_token(506) UNIX token of user 30014 Primary group is 30009 and contains 19 supplementary groups Group[ 0]: 30000 Group[ 1]: 30001 Group[ 2]: 30002 ... But during a session a successful connected user gets lost: [2005/04/19 16:02:47, 5] auth/auth_util.c:debug_nt_user_token(485) NT user token: (NULL) [2005/04/19 16:02:47, 5] auth/auth_util.c:debug_unix_user_token(506) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/04/19 16:02:47, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/04/19 16:02:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=12 flg2=0xc807 [2005/04/19 16:02:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) Doing spnego session setup [2005/04/19 16:02:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[] [2005/04/19 16:02:47, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606) Got user=[] domain=[] workstation=[WORKSTATION] len1=1 len2=0 [2005/04/19 16:02:47, 6] param/loadparm.c:lp_file_list_changed(2707) lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Apr 19 15:52:56 2005 [2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info_map(224) make_user_info_map: Mapping user []\[] from workstation [WORKSTATION] [2005/04/19 16:02:47, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain Domain found. [2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info(132) attempting to make a user_info for () [2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info(142) making strings for 's user_info struct [2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info(184) making blobs for 's user_info struct [2005/04/19 16:02:47, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user []\[]@[WORKSTATION] with the new password interface [2005/04/19 16:02:47, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [Domain]\[]@[WORKSTATION] [2005/04/19 16:02:47, 5] lib/util.c:dump_data(1995) [000] F7 FB D6 3A C6 3F CF B7 ...:.?.. [2005/04/19 16:02:47, 4] lib/substitute.c:automount_server(335) Home server: aul480 [2005/04/19 16:02:47, 4] lib/substitute.c:automount_server(335) Home server: aul480 [2005/04/19 16:02:47, 3] auth/auth.c:check_ntlm_password(268) check_ntlm_password: guest authentication for user [] succeeded [2005/04/19 16:02:47, 5] auth/auth.c:check_ntlm_password(305) check_ntlm_password: guest authentication for user [] -> [] -> [nobody] succeeded [2005/04/19 16:02:47, 5] auth/auth_util.c:free_user_info(1380) attempting to free (and zero) a user_info structure [2005/04/19 16:02:47, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319) NTLMSSP Sign/Seal - Initialising with flags: [2005/04/19 16:02:47, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2005/04/19 16:02:47, 3] smbd/password.c:register_vuid(222) User name: nobody Real name: nobody [2005/04/19 16:02:47, 3] smbd/password.c:register_vuid(241) UNIX uid 60001 is UNIX user nobody, and will be vuid 905 As user nobody the connected session has no access rights... Any idea what happens at this point? [global] dos charset = CP850 display charset = UTF8 workgroup = DOMAIN server string = Samba-Test-Server interfaces = 142.0.0.103/255.255.255.0 bind interfaces only = Yes security = DOMAIN password server = PDC passdb backend = tdbsam log level = 7 winbind:9 log file = /var/samba/log/%m_%U-%G_%S_%u-%g.log max log size = 5000 ldap ssl = no idmap uid = 30000-40000 idmap gid = 30000-40000 winbind use default domain = Yes admin users = Administrator read only = No hosts allow = 142.0.0.0/255.255.255.0 dos filemode = Yes # Yes, ugly umlauts here... but this seems to work so far valid users = @Domänen-Benutzer create mask = 0666 directory mask = 2770 If you need further information please tell me. I found another posting where a user has this problem with an much older release: http://groups-beta.google.com/group/comp.protocols.smb/messages/9a8fee08c795da6f?hl=en&thread_id=fe35ab0326dc84e9&mode=thread&noheader=1&q=NativeLanMan%3D[Windows+2000+5.0]&_done=%2Fgroup%2Fcomp.protocols.smb%2Fbrowse_frm%2Fthread%2Ffe35ab0326dc84e9%2F9a8fee08c795da6f%3Fq%3DNativeLanMan%3D[Windows+2000+5.0]%26rnum%3D8%26#doc_9a8fee08c795da6f Greetings Lars
*** This bug has been marked as a duplicate of 2629 ***