The Samba-Bugzilla – Bug 3932
SaMBa gives error "xxx is a domain, not a user" when username = servername (security = SHARE only)
Last modified: 2006-07-14 10:00:09 UTC
I'm using SaMBa to share homedirs of a linux server. Since version 3.0.23, when i try to reach the homedir of a user that have the server's name i have this error:
[user_name_here] is a Domain, not a user
This happens only with security = SHARE (works fine w/ security = USER) and only for shares like \\my_servername\my_servername, all other homedirs (\\my_servername\root, \\my_servername\user1, \\my_servername\public, etc.) are OK.
My smb.conf is very simple:
workgroup = MY_WKGRP
security = SHARE
encrypt passwords = No
blocking locks = No
path = /pub
guest ok = Yes
read only = No
browseable = No
veto oplock files = /*.MDB/*.LDB/*.ldb/*.mdb/
Bringing back SaMBa 3.0.22 or using "security = USER" does the trick but as i have public shares, i'd like to keep "security = SHARE".
I reproduced the error on two servers, both where compiled from the sources with this options:
./configure --prefix=/opt/samba-3.0.23 --disable-cups --without-ads --without-winbind --without-ldap
Step to reproduce: Go to security = SHARE and create a unix account that have the same name of the server and try to connect to the shared homedir.
Result: unable to mount the shared homedir.
Result expected: should be able to mount every account on the system, even the one that have the server's name.
I don't see anyway around this.
Indeed - this is the "correct" behavior in a Windows network. You can't have a user the same name as a machine - it's like trying to have a user and service principal in a kerberos KDC with the same name. Can't happen.
I wasn't aware of that, too bad this restrinction was working till version 3.0.22!
Is making DNS aliases a good way to workaround? If "my_servername_alias" is a DNS alias of "my_servername", then \\my_servername_alias\my_servername should be readable or do i need to change the username?