username map and encrypted passwords
malc at praxisint.com
malc at praxisint.com
Wed Oct 8 22:20:10 GMT 1997
Hello,
I'm running Samba 1.9.17p2 (compiled with DES) on FreeBSD 2.2-STABLE
and
trying to connect w/ NT 4.0 workstation SP3. I have updated the registry on
the NT box
correctly to enable clear text passwords. I have 'server = user' defined in
smb.conf. (the
rest of the smb.conf global defines are listed below). I have a username
map defined
as well since many of our NT user names are not the same as our unix user
names. If I
enable encrypted passwords and use the smbpasswd file then Samba does the
right thing with mapping usernames and logging in successfully. However, if
I
disable encrypted passwords, then apparently, only users who have the same
user name for NT and unix are able to log in successfully. Those users who
need username translation via the username map are unable to log in. The
symptoms are the same as if clear text passwords were not enabled on the NT
box ("incorrect username/password"). After looking at the Samba logs, it
looks
like the username map *is* in fact being scanned when a connection request
is received.
Here is a snippet from the log file (an unsuccessful connection)
pm_process() returned Yes
adding IPC service
Netmask for de0 = 255.255.255.0
Derived broadcast address 204.166.158.255
Added interface ip=204.166.158.149 bcast=204.166.158.255
nmask=255.255.255.0
10/08/97 11:43:45 loaded services
10/08/97 11:43:45 changed root to /
priming nmbd
sending a packet of len 1 to (127.0.0.1) on port 137 of type DGRAM
10/08/97 11:43:45 Transaction 0 of length 72
netbios connect: name1=SUN name2=WAIMEA
Scanning username map /usr/local/samba/lib/username.map
10/08/97 11:43:45 Transaction 1 of length 174
switch message SMBnegprot (pid 12543)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [XENIX CORE]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [LANMAN1.0]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [LM1.2X002]
Requested protocol [LANMAN2.1]
Requested protocol [NT LM 0.12]
Selected protocol NT LM 0.12
end of file from client
Closing connections
10/08/97 11:43:45 Server exit (normal exit)
Here's are the globals in my smb.conf:
[global]
; logging debug level
debug level = 4
; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
workgroup = NTDOMAIN
; comment is the equivalent of the NT Description field
comment = Samba Server
; printing = BSD or SYSV or AIX, etc.
printing = bsd
printcap name = /etc/printcap
load printers = no
; log file
log file = /usr/local/samba/var/log.smb
; Put a capping on the size of the log files (in Kb)
max log size = 100
; Options for handling file name case sensitivity and / or preservation
; Case Sensitivity breaks many WfW and Win95 apps
case sensitive = yes
short preserve case = yes
preserve case = yes
; Security and file integrity related options
lock directory = /usr/local/samba/var/locks
locking = yes
; Strict locking is available for paranoid locking situations only
; enabling this severely degrades read / write performance.
; strict locking = yes
; fake oplocks = yes
share modes = yes
; enable Windows to Unix username translation
username map = /usr/local/samba/lib/username.map
; Security modes: USER uses Unix username/passwd, SHARE uses WfW type
passwords
; SERVER uses an other SMB server (eg: Windows NT Server or Samba)
; to provide authentication services
security = user
; enable encrypted passwords.
encrypt passwords = no
; WINS Server - Tells the NMBD components of Samba to be a WINS Client
; Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
wins server = 204.166.158.8
Is there a solution? Something I missed? Is anyone else having the
same problem?
Thanks in Advance.
-Malc
More information about the samba
mailing list