username map and security=server problems

Matthew Chapman z2232203 at student.unsw.edu.au
Wed Aug 12 14:59:56 GMT 1998 

This is a known problem with samba-1.9.18p8, which Jeremy posted a
patch for (attached).

    Matt


--
Matt Chapman
E-mail: mattyc at cyberdude.com

Christoph Doerbeck wrote:

> Greeetings,
>
> When I upgraded from samba-1.9.17p4 to samba-1.9.18p8, a feature
> which I had implemented broke.  In my smb.conf file, I defined
>
>         security=server
>         password server = bdc.foo.com.
>         username map = /opt/samba/lib/users.map
>
> This worked great!  My NT id is not like my Unix id, and this
> allowed me to connect to any service on the smb server with having
> to re-authenticate.
>
> Now, after the upgrade, this fails.  From observation of the log
> output (debug=4), it appears that the username map translation is
> performed prior to NT server authentication.  It looks like smb
> is passing my Unix Id to the NT server, instead of the smb connection
> id/password (my NT id).
>
> If you have any recommendations, suggestions, would like more detailed
> description of the problem... I would be very appreciative...
>
> Another observation, on 1.9.17p4 I toyed with using  'netbios name = smbgate'.
> This addition caused my "feature" to break and require authentication.
> Any ideas?
>
> ########################################
> #  Christoph Doerbeck
> #  email: doerbeck at dma.isg.mot.com
-------------- next part --------------
--- username.orig	Sun Aug  9 18:18:24 1998
+++ username.c	Sun Aug  9 18:21:14 1998
@@ -46,7 +46,6 @@
 ********************************************************************/
 BOOL map_username(char *user)
 {
-  static int depth=0;
   static BOOL initialised=False;
   static fstring last_from,last_to;
   FILE *f;
@@ -54,7 +53,7 @@
   pstring buf;
   char *mapfile = lp_username_map();
 
-  if (!*mapfile || depth)
+  if (!*mapfile)
     return False;
 
   if (!*user)
@@ -82,8 +81,6 @@
 
   DEBUG(4,("Scanning username map %s\n",mapfile));
 
-  depth++;
-
   while((s=fgets_slash(buf,sizeof(buf),f))!=NULL) {
     char *unixname = s;
     char *dosname = strchr(unixname,'=');
@@ -132,8 +129,6 @@
    */
   fstrcpy(last_from,user);
   fstrcpy(last_to,user);
-
-  depth--;
 
   return False;
 }

More information about the samba-ntdom mailing list