Samba looking up hostnames in passwd NIS map??
Jesse Asher
jwasher at orion.hd.intel.com
Mon Dec 4 20:46:14 GMT 2000
Here is my smb.conf file:
; This is the global samba file.
;
[global]
client code page = 437
workgroup = SAMBA
netbios name = %h
netbios aliases = cwsmb
server string = EC Samba Server %h
bind interfaces only = No
security = USER
encrypt passwords = No
update encrypted = No
allow trusted domains = Yes
min password length = 5
map to guest = Never
null passwords = No
; smb passwd file = /opt/local/samba/private/smbpasswd
root directory = /
passwd program = /bin/passwd
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = Yes
password level = 10
username level = 0
unix password sync = No
restrict anonymous = Yes
use rhosts = No
debug level = 100
syslog = 2
syslog only = No
log file = /opt/local/samba/var/log.%h.%m
max log size = 500
debug timestamp = Yes
protocol = NT1
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
nt acl support = Yes
announce version = 4.2
announce as = NT
max mux = 50
max xmit = 65535
name resolve order = host wins
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
change notify timeout = 300
deadtime = 1440
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max disk size = 0
max open files = 10000
read prediction = No
read size = 16384
shared mem size = 5242880
socket options = TCP_NODELAY
stat cache size = 50
load printers = No
printcap name = /etc/printcap
printer driver file = /opt/local/samba/lib/printers.def
strip dot = No
mangled stack = 50
stat cache = Yes
machine password timeout = 604800
; logon path = \\%N\%U\profile
; logon home = \\%L\%U
domain logons = No
os level = 20
preferred master = No
local master = Yes
domain master = No
browse list = Yes
dns proxy = Yes
wins proxy = No
wins support = No
kernel oplocks = Yes
ole locking compatibility = Yes
oplock break wait time = 10
; smbrun = /opt/local/samba/bin/smbrun
lock dir = /opt/local/samba/var/locks
socket address = 0.0.0.0
time offset = 0
unix realname = No
NIS homedir = No
revalidate = No
guest account = nobody
invalid users = root
writeable = Yes
create mask = 0775
force create mode = 0775
security mask = -1
force security mode = -1
directory mask = 0775
force directory mode = 00
directory security mask = -1
force directory security mode = -1
guest only = No
guest ok = No
only user = No
status = Yes
max connections = 0
min print space = 0
strict sync = No
sync always = No
printable = No
postscript = No
printing = bsd
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
printer driver = NULL
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
delete veto files = No
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
browseable = Yes
blocking locks = Yes
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = No
oplock contention limit = 2
strict locking = No
share modes = Yes
available = Yes
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
delete readonly = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
dont descend = /etc,/proc
;These are the static - non changing shares
include = /opt/local/samba/lib/smb.conf.static
;These shares are generated from the automount table
include = /opt/local/samba/lib/smb.conf.amd
Robert Dahlem wrote:
> Jesse,
>
> On Mon, 04 Dec 2000 08:56:43 -0500, Jesse Asher wrote:
>
> >I've looked through the archives for this list and couldn't find
> >mention of a strange behavior I'm seeing.
> >
> >I've got a Win98 system that is trying to map a share from my Samba
> >server running Solaris 7 and Samba 2.0.7.
> >
> >When I map the network drive (the share is /tmp on the server),
> >Samba does attempt to contact the NIS server (the nsswitch.conf file
> >has "hosts: files nis"), but it looks up the hostname of the Win98
> >box i(jwasher-mobl) n the passwd NIS map! As you can see below, it
> >makes various NIS calls and then finally queries my real loginid
> >(jwasher) and quits.
>
> [...]
>
> >Why is it doing this? This is very inefficient. If it does this for
> >every connection, that seems like a huge waste. Any ideas on why
> >this would be happening?
>
> You might try to spend some time reading the man page for smb.conf.
> Under "security = share" you will find a part beginning with:
>
> As clients are not required to send a username to the server in
> share level security, smbd uses several techniques to determine
> the correct UNIX user to use on behalf of the client.
>
> A list of possible UNIX usernames to match with the given client
> password is constructed using the following methods :
>
> And (a little later)
>
> The NetBIOS name of the client is added to the list as a potential
> username.
>
> I bet your problem is "security = share".
>
> Reagrds,
> Robert
>
> --
> ---------------------------------------------------------------
> Robert.Dahlem at gmx.net Fax +49-69-432647
> ---------------------------------------------------------------
>
> Sent using PMMail (http://www.pmmail2000.com) - fast, decent, email
> software; far better than Outlook. Try it sometime.
--
Jesse W. Asher
Sr. Manager of Information Technology
Intel Corporation
Office: (727)953-7004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jwasher.vcf
Type: text/x-vcard
Size: 403 bytes
Desc: Card for Jesse Asher
Url : http://lists.samba.org/archive/samba/attachments/20001204/e1b2069b/jwasher.vcf
More information about the samba
mailing list