Sorry if this bug is already out there. I searched and could not find a related bug report.
A username map operation works in 3.0.24 and does not work in 3.0.25rc3.
I built 3.0.25.rc3 on Solaris 9. I have successfully joined Samba to a Windows 2003 AD. I can successfully access shares with a Windows/Domain login name that matches a Unix login name. The successfull test Windows login name is "jdadams" or "gs\jdadams".
If I try to use username map to map a Windows/Domain login to a UNIX login, I get this message in the Samba Computer name log file:
[2007/05/05 10:42:41, 1] auth/auth_util.c:create_token_from_username(1110)
sid_to_uid for jdadams (S-1-22-1-14229) failed
The test Windows/Domain login name = "jdadams-ou" or "gs\jdadams-ou"
The username map file contains this single line:
jdadams = gs\jdadams-ou
The error message makes me think the mapping has occurred because "jdadams" and not "jdadams-ou" appears in the log file but something is breaking after the mapping occurs.
I was jumping from 3.0.12.rc1 to 3.0.25.rc3 so I had not tried 3.0.24 until I experienced this problem. I encounted the problem, built/installed 3.0.24, and used all the same config files and 3.0.24 worked first try.
Hope this helps 3.0.25 and does not distract.
I'm not looking for a fix any time soon. I'm going to run on 3.0.24.
Before building Samba, I built/installed these two packages into /usr/local
CC=gcc ./configure --disable-slapd --disable-backends --disable-overlays --disable-slurpd
./configure --with-included-popt --with-acl-support --with-ads --with-krb5=/usr/local
bash-2.05# gcc --version
gcc (GCC) 3.4.2
Created attachment 2682 [details]
Samba config file
Created attachment 2683 [details]
Kerberos config file
Created attachment 2684 [details]
Logs during failure
GZIP tar file of the var sub-directory containing all logs with debug level 10 turned on. Hopefully these logs contain one failed connect attempt with Windows user name "jdadams-ou" failing to username map correctly to UNIX user name/id "jdadams".
Created attachment 2685 [details]
Logs with successful connection
GZIP tar file of the var sub-directory containing all logs with debug level 10 turned on. This is the same var logs directory containing the failed username map attempt followed by a success connection with the non-mapped Windows username of "jdadams".
Joe, I think rhis works in 3.0.25a, any chance you can test and report if it is still a problem for you?
Will do. Will try to complete testing this week.