Bug 2631 - Samba share disconnections
Summary: Samba share disconnections
Status: RESOLVED DUPLICATE of bug 2629
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.0.13
Hardware: Sparc Solaris
: P3 critical
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-04-20 05:22 UTC by Lars Timmann
Modified: 2005-04-20 06:01 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lars Timmann 2005-04-20 05:22:51 UTC
I have some Problems with using samba shares from Win2k-clients.
After a sucessful connection the user suddenly wents away and I get mapped tu
user guest after some mapping attempts for the empty [] user.
After reconnection to the share all is fine again for a while.

The samba is running with security=domain and gets the users from a NT4 PDC via
winbind. This works fine so far. I can get the users and groups via wbinfo and I
can see sucessful mappings in the logs like this:
[2005/04/19 16:01:48, 5] auth/auth_util.c:debug_nt_user_token(490)
  NT user token of user S-1-5-21-1455562967-1866484775-1788637320-1002
  contains 23 SIDs
  SID[  0]: S-1-5-21-1455562967-1866484775-1788637320-1002
  SID[  1]: S-1-5-21-1455562967-1866484775-1788637320-1525
  SID[  2]: S-1-1-0
  ...
  SE_PRIV  0x0 0x0 0x0 0x0
[2005/04/19 16:01:48, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 30014
  Primary group is 30009 and contains 19 supplementary groups
  Group[  0]: 30000
  Group[  1]: 30001
  Group[  2]: 30002
  ...

But during a session a successful connected user gets lost:
[2005/04/19 16:02:47, 5] auth/auth_util.c:debug_nt_user_token(485)
  NT user token: (NULL)
[2005/04/19 16:02:47, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/04/19 16:02:47, 5] smbd/uid.c:change_to_root_user(296)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/04/19 16:02:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
  wct=12 flg2=0xc807
[2005/04/19 16:02:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
  Doing spnego session setup
[2005/04/19 16:02:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[]
[2005/04/19 16:02:47, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
  Got user=[] domain=[] workstation=[WORKSTATION] len1=1 len2=0
[2005/04/19 16:02:47, 6] param/loadparm.c:lp_file_list_changed(2707)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue Apr 19
15:52:56 2005
 
[2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info_map(224)
  make_user_info_map: Mapping user []\[] from workstation [WORKSTATION]
[2005/04/19 16:02:47, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184)
  no entry for trusted domain Domain found.
[2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info(132)
  attempting to make a user_info for  ()
[2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info(142)
  making strings for 's user_info struct
[2005/04/19 16:02:47, 5] auth/auth_util.c:make_user_info(184)
  making blobs for 's user_info struct
[2005/04/19 16:02:47, 3] auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  Checking password for unmapped user []\[]@[WORKSTATION]
with the new password interface
[2005/04/19 16:02:47, 3] auth/auth.c:check_ntlm_password(222)
  check_ntlm_password:  mapped user is: [Domain]\[]@[WORKSTATION]
[2005/04/19 16:02:47, 5] lib/util.c:dump_data(1995)
  [000] F7 FB D6 3A C6 3F CF B7                           ...:.?..
[2005/04/19 16:02:47, 4] lib/substitute.c:automount_server(335)
  Home server: aul480
[2005/04/19 16:02:47, 4] lib/substitute.c:automount_server(335)
  Home server: aul480
[2005/04/19 16:02:47, 3] auth/auth.c:check_ntlm_password(268)
  check_ntlm_password: guest authentication for user [] succeeded
[2005/04/19 16:02:47, 5] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  guest authentication for user [] -> [] -> [nobody] succeeded
[2005/04/19 16:02:47, 5] auth/auth_util.c:free_user_info(1380)
  attempting to free (and zero) a user_info structure
[2005/04/19 16:02:47, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
  NTLMSSP Sign/Seal - Initialising with flags:
[2005/04/19 16:02:47, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x60088215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_KEY_EXCH
[2005/04/19 16:02:47, 3] smbd/password.c:register_vuid(222)
  User name: nobody     Real name: nobody
[2005/04/19 16:02:47, 3] smbd/password.c:register_vuid(241)
  UNIX uid 60001 is UNIX user nobody, and will be vuid 905

As user nobody the connected session has no access rights...
Any idea what happens at this point?
[global]
        dos charset = CP850
        display charset = UTF8
        workgroup = DOMAIN        server string = Samba-Test-Server
        interfaces = 142.0.0.103/255.255.255.0
        bind interfaces only = Yes
        security = DOMAIN
        password server = PDC
        passdb backend = tdbsam
        log level = 7 winbind:9
        log file = /var/samba/log/%m_%U-%G_%S_%u-%g.log
        max log size = 5000
        ldap ssl = no
        idmap uid = 30000-40000
        idmap gid = 30000-40000
        winbind use default domain = Yes
        admin users = Administrator
        read only = No
        hosts allow = 142.0.0.0/255.255.255.0
        dos filemode = Yes
        # Yes, ugly umlauts here... but this seems to work so far
        valid users = @Domänen-Benutzer
        create mask = 0666
        directory mask = 2770

If you need further information please tell me.
I found another posting where a user has this problem with an much older release:
http://groups-beta.google.com/group/comp.protocols.smb/messages/9a8fee08c795da6f?hl=en&thread_id=fe35ab0326dc84e9&mode=thread&noheader=1&q=NativeLanMan%3D[Windows+2000+5.0]&_done=%2Fgroup%2Fcomp.protocols.smb%2Fbrowse_frm%2Fthread%2Ffe35ab0326dc84e9%2F9a8fee08c795da6f%3Fq%3DNativeLanMan%3D[Windows+2000+5.0]%26rnum%3D8%26#doc_9a8fee08c795da6f

Greetings
    Lars
Comment 1 Gerald (Jerry) Carter (dead mail address) 2005-04-20 06:01:12 UTC

*** This bug has been marked as a duplicate of 2629 ***