[Samba] Option valid user not expanded for groups
Tiucra-Popa Florin Catalin
popa_c at yahoo.com
Fri Apr 27 09:14:44 GMT 2007
Hi,
I have a AIX 5.3 machine with Samba 3.0.24c joined into one Windows 2003 ADS server OK.
I can request basic information, user lookup, domain lookup(wbinfo, id, net groupmap).
When I want to acces the share \\node05\brom from one Windows station I receive a popup window password.
In the log of the samba for that machine I found:
[2007/04/27 10:48:27, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_ST ATUS_NO_SUCH_USER
[2007/04/27 10:48:28, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_ST ATUS_NO_SUCH_USER
[2007/04/27 10:48:29, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2007/04/27 10:48:29, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2007/04/27 10:48:29, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [node05] -> [node05] -> [TPDCBR+ node05] succeeded
[2007/04/27 10:48:29, 2] smbd/service.c:make_connection_snum(580)
user 'TPDCBR+node05' (from session setup) not permitted to access this share ( brom)
[2007/04/27 10:48:53, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_STATUS_NO_SUCH_USER
[2007/04/27 10:48:53, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2007/04/27 10:48:53, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2007/04/27 10:48:53, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [node05] -> [node05] -> [TPDCBR+node05] succeeded
[2007/04/27 10:48:53, 2] smbd/service.c:make_connection_snum(580)
user 'TPDCBR+node05' (from session setup) not permitted to access this share (brom)
My smb.conf looks like:
[global]
unix charset = LOCALE
workgroup = TPDCBR
realm = TPDCBR.ROM
netbios name = NODE05
dns proxy = No
server string = NODE05 AIX
security = ads
password server = 10.99.0.4
encrypt passwords = yes
name resolve order = host
log level = 10
syslog = 0
username map = /samba/private/smbusers
log file = /samba/var/log/%m
max log size = 5000
ldap ssl = no
winbind uid = 10000-59999
winbind gid = 10000-59999
idmap uid = 10000-60000
idmap gid = 10000-60000
template shell = /bin/ksh
winbind use default domain = Yes
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = Yes
winbind separator = +
auth methods = winbind
acl compatibility = win2k
winbind cache time = 10
bind interfaces only = yes
client use spnego = no
socket address = 10.99.0.201
allow trusted domains = no
#use kerberos keytab = yes
socket options = TCP_NODELAY
#map acl inherit = Yes
[brom]
comment = inhouse brom
path = /u09/inhouse/brom
read only = No
browseable = yes
#valid users =@"Computers", @"domain users"
valid users = @"domain users"
create mask = 0777
directory mask = 0777
force create mode = 0777
force directory mode = 0777
I also made a test with only one user valid like this:
valid users = TPDCBR.ROM+node05
and this is working ok.
Thank you.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the samba
mailing list