[Samba] Problem authenticating user from trusted domain

Masopust, Christian christian.masopust at siemens.com
Wed Dec 6 10:58:32 GMT 2006 

Hi all,

i have a samba-server in domain named "WW300" and a user from domain "WW002"
tries to connect to one of my shares but fail. so i switched on logging and
looked what happens:

[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:make_user_info_map(225)
  make_user_info_map: Mapping user [WW002]\[E0420300] from workstation [E042017C]
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] libsmb/trustdom_cache.c:trustdom_cache_fetch(184)
  no entry for trusted domain WW002 found.
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:make_user_info(133)
  attempting to make a user_info for E0420300 (E0420300)
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:make_user_info(143)
  making strings for E0420300's user_info struct
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:make_user_info(185)
  making blobs for E0420300's user_info struct
[2006/12/06 10:51:38, 3, pid=14054, effective(0, 0), real(0, 0)] auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  Checking password for unmapped user [WW002]\[E0420300]@[E042017C] with the new password interface
[2006/12/06 10:51:38, 3, pid=14054, effective(0, 0), real(0, 0)] auth/auth.c:check_ntlm_password(222)
  check_ntlm_password:  mapped user is: [WW300]\[E0420300]@[E042017C]
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] lib/util.c:dump_data(1977)
  [000] 29 FB 09 D0 A0 5C 97 40                           )....\.@
[2006/12/06 10:51:38, 8, pid=14054, effective(0, 0), real(0, 0)] lib/util.c:is_myname(1797)
  is_myname("WW300") returns 0
[2006/12/06 10:51:38, 6, pid=14054, effective(0, 0), real(0, 0)] auth/auth_sam.c:check_samstrict_security(358)
  check_samstrict_security: WW300 is not one of my local names (ROLE_DOMAIN_MEMBER)
[2006/12/06 10:51:38, 3, pid=14054, effective(0, 0), real(0, 0)] smbd/sec_ctx.c:push_sec_ctx(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/12/06 10:51:38, 3, pid=14054, effective(0, 0), real(0, 0)] smbd/uid.c:push_conn_ctx(365)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/12/06 10:51:38, 3, pid=14054, effective(0, 0), real(0, 0)] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2006/12/06 10:51:38, 3, pid=14054, effective(0, 0), real(0, 0)] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth.c:check_ntlm_password(271)
  check_ntlm_password: winbind authentication for user [E0420300] FAILED with error NT_STATUS_NO_SUCH_USER
[2006/12/06 10:51:38, 2, pid=14054, effective(0, 0), real(0, 0)] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [E0420300] -> [E0420300] FAILED with error NT_STATUS_NO_SUCH_USER
[2006/12/06 10:51:38, 5, pid=14054, effective(0, 0), real(0, 0)] auth/auth_util.c:free_user_info(1318)
  attempting to free (and zero) a user_info structure


anyone having an idea what's happening here? why is my user from ww002 mapped to
ww300?

thanks a lot,
christian

P.S.: samba is version 3.0.10 (i already tried it with 3.0.23c, same problem....)

More information about the samba mailing list