null session %U expansion (patch)

thwartedefforts at thwartedefforts at
Fri Oct 30 02:19:40 GMT 1998

No one responded with comments concerning the implementation
of a workaround for when a client sends a null username over 
an already validated connection and how that effects %U
expansion, so I implemented it with parameters that enable 
it or disable it.

A patch and a readme are available at

It would be really cool if someone out there in samba land
could evaluate this patch for fitness and possibly apply
it to the cvs tree, or at the very least tell me what
I'm doing wrong.

The contents of the readme are as follows:

This works around an aspect of NT4 wherein the NT4 
client sends a request to samba over a connection that 
has already been validated, but does not include a 
username/password.  When a username is not specified by
the client, samba automaticly assigns guest permissions 
and changes the value that %U expands to.  This can make
things confusing if have macro expansions in include
files that depend on things like the username.

Two new global parameters are added:

  null overrides valid user expansion = yes/no (default yes)
  guest overrides valid user expansion = yes/no (default yes)

When set to no, implict guest access will not change the expansion of
of %U (sesssetup_user).  The default being yes makes samba use the
original behaviour.

The files patched are:

More information about the samba-ntdom mailing list