I was able to connect to a service in Samba 2.2.8a as a mapped user. This now fails under Samba 3.0.14a. I am not able to get Samba 3.0.20pre2 or 3.0.20 smbd to run successfully. It fails with a SEGV. From samba 2.2.8a (excerpts from level 10 log) [2005/08/25 13:31:11, 3, pid=29053] smbd/reply.c:(880) Domain=[americase] NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] [2005/08/25 13:31:11, 3, pid=29053] smbd/reply.c:(890) sesssetupX:name=[pnmadm09] [2005/08/25 13:31:11, 3, pid=29053] lib/username.c:(168) Mapped user pnmadm09 to boehm [2005/08/25 13:31:11, 3, pid=29053] libsmb/namequery.c:(769) resolve_lmhosts: Attempting lmhosts lookup for name ZRTPD0PP<0x20> [2005/08/25 13:31:11, 3, pid=29053] lib/util_sock.c:(845) Connecting to 47.140.205.113 at port 445 [2005/08/25 13:31:12, 3, pid=29053] smbd/password.c:(336) uid 20718 registered to name boehm [2005/08/25 13:31:12, 3, pid=29053] smbd/password.c:(338) Clearing default real name [2005/08/25 13:31:12, 3, pid=29053] smbd/password.c:(340) User name: boehm Real name: Eric Boehm,0904459 [2005/08/25 13:31:12, 3, pid=29053] smbd/password.c:(736) authorise_login: ACCEPTED: validated uid ok as non-guest (user=boehm) [2005/08/25 13:31:12, 1, pid=29053] smbd/service.c:(636) boehm-1 (47.143.20.49) connect to service export as user boehm (uid=20718, gid=2245) (pid 29053) From 3.0.14a logs 1. Connecting as user boehm [2005/08/25 13:29:28, 3, pid=28608] ../source/libsmb/ntlmssp.c:(606) Got user=[BOEHM] domain=[AMERICASE] workstation=[BOEHM-1] len1=24 len2=24 [2005/08/25 13:29:29, 3, pid=28608] ../source/auth/auth.c:(219) check_ntlm_password: Checking password for unmapped user [AMERICASE]\[BOEHM]@ [BOEHM-1] with the new password interface [2005/08/25 13:29:30, 2, pid=28608] ../source/auth/auth.c:(305) check_ntlm_password: authentication for user [BOEHM] -> [BOEHM] -> [boehm] succeeded [2005/08/25 13:29:30, 3, pid=28608] ../source/smbd/password.c:(241) UNIX uid 20718 is UNIX user boehm, and will be vuid 101 [2005/08/25 13:29:30, 1, pid=28608] ../source/smbd/service.c:(642) boehm-1 (47.143.20.49) connect to service export initially as user boehm (uid=20718, gid=2245) (pid 28608) 2. Connect as user pnmadm09 which is mapper to boehm [2005/08/25 13:30:02, 3, pid=28786] ../source/libsmb/ntlmssp.c:(606) Got user=[pnmadm09] domain=[americase] workstation=[BOEHM-1] len1=24 len2=24 [2005/08/25 13:30:03, 2, pid=28786] ../source/auth/auth.c:(312) check_ntlm_password: Authentication for user [pnmadm09] -> [boehm] FAILED wit h error NT_STATUS_NO_SUCH_USER Level 10 logs are available
don't suppose you read the release notes did you? This was in 3.0.8. See if it applies to you. ====================== Change in Username Map ====================== Previous Samba releases would only support reading the fully qualified username (e.g. DOMAIN\user) from the username map when performing a kerberos login from a client. However, when looking up a map entry for a user authenticated by NTLM[SSP], only the login name would be used for matches. This resulted in inconsistent behavior sometimes even on the same server. Samba 3.0.8 obeys the following rules when applying the username map functionality: * When performing local authentication, the username map is applied to the login name before attempting to authenticate the connection. * When relying upon a external domain controller for validating authentication requests, smbd will apply the username map to the fully qualified username (i.e. DOMAIN\user) only after the user has been successfully authenticated.
Eric, could you attach your smb.conf and your current username map file? Thanks.
Created attachment 1400 [details] Top-level smb.conf Jerry asked me to attach my smb.conf (really 3 files, smb.conf, smb.conf.global.`hostname` and smb.conf.shares.`hostname`) and my username.map
Created attachment 1401 [details] Global settings smb.conf Jerry asked me to attach my smb.conf (really 3 files, smb.conf, smb.conf.global.`hostname` and smb.conf.shares.`hostname`) and my username.map
Created attachment 1402 [details] Shares smb.conf for host Jerry asked me to attach my smb.conf (really 3 files, smb.conf, smb.conf.global.`hostname` and smb.conf.shares.`hostname`) and my username.map
Created attachment 1403 [details] username map Jerry asked me to attach my smb.conf (really 3 files, smb.conf, smb.conf.global.`hostname` and smb.conf.shares.`hostname`) and my username.map Attached username.map has boehm = pnmadm09 I later found that boehm = americase\pnmadm09 or americase\boehm = americase\pnmadm09 will work after all
Eric says he got it to work so closing bug.