null session %U expansion (patch)

Jeremy Allison jallison at cthulhu.engr.sgi.com
Fri Oct 30 18:00:54 GMT 1998


thwartedefforts at wonky.org wrote:
> 
> No one responded with comments 

Sorry about that - I've been just a bit busy...

> concerning the implementation
> of a workaround for when a client sends a null username over
> an already validated connection and how that affects %U
> expansion, so I implemented it with parameters that enable
> it or disable it.
> 
> A patch and a readme are available at
> 
>   http://homepage.interaccess.com/~abakun/samba/
> 
> It would be really cool if someone out there in samba land
> could evaluate this patch for fitness and possibly apply
> it to the cvs tree, or at the very least tell me what
> I'm doing wrong.
> 

Yeah I took a look at it and I'm not convinced it's needed.
Reasons follow.

> This works around an aspect of NT4 wherein the NT4
> client sends a request to samba over a connection that
> has already been validated, but does not include a
> username/password.  When a username is not specified by
> the client, samba automatically assigns guest permissions
> and changes the value that %U expands to.  This can make
> things confusing if you have macro expansions in include
> files that depend on things like the username.
> 

The cases we need to look at here are, firstly security=share.
This is the case that the sesssetup_user global was created
for - it keeps the last used username around as with share
level security you have no vuids in an smb packet to 
determine the user.

With all other 'security=' levels every packet contains
a valid vuid number which is checked before access is allowed.

As a part of that check the client user name that was 
authenticated to produce that vuid is copied into the
sesssetup_user global to ensure that %U macro expansion
works correctly in the context of that smb request.

The only issue is when a null sessionsetupandX is sent.
This will create a valid vuid, but currently sets the 
authenticated user name to the UNIX user designated as
the Samba 'guest' account, instead of a blank string.

What this means is that all %U macro expansions done
when an SMB request with this vuid comes in will map
to the Samba UNIX 'guest' user, rather than become blank.

All we need to decide is if this is desired behaviour,
and if not, what username we want to use for %U macro
expansion for an anonymous connection.

My argument would be that the current behaviour, which
is to use the Samba UNIX 'guest' name, is the correct one
and then document it.

If you don't think it's desired behaviour then what name
do you want %U to map to when SMB packets come in that
are from an anonymous session ?

Cheers,

	Jeremy Allison,
	Samba Team.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
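Added example, not part of the original message and not Samba source: a simplified C model of the behaviour described above, where each request's vuid check copies the authenticated name into sesssetup_user and a null session setup is recorded under the guest account. Only sesssetup_user is a name from the message; the other function names, the vuid numbering, the guest account "nobody", the user "alice" and the smb.conf.%U string are assumptions.

```c
#include <stdio.h>
#include <string.h>
#define MAX_VUIDS 8
#define VUID_BASE 100            /* arbitrary offset for this model */
#define GUEST_ACCOUNT "nobody"   /* assumed UNIX guest account name */
static char vuid_name[MAX_VUIDS][32]; /* "" means the slot is free */
static char sesssetup_user[32];       /* global named in the message */

/* Session setup: a null (empty) username still yields a valid vuid,
 * recorded under the guest account name rather than a blank string. */
int session_setup(const char *user)
{
    for (int i = 0; i < MAX_VUIDS; i++) {
        if (vuid_name[i][0]) continue;
        snprintf(vuid_name[i], sizeof vuid_name[i], "%s",
                 (user && *user) ? user : GUEST_ACCOUNT);
        return VUID_BASE + i;
    }
    return -1;                        /* table full */
}
/* Per-request check: reject unknown vuids; otherwise copy the name
 * behind the vuid into sesssetup_user so %U expands for this request. */
int check_vuid(int vuid)
{
    int i = vuid - VUID_BASE;
    if (i < 0 || i >= MAX_VUIDS || !vuid_name[i][0]) return 0;
    snprintf(sesssetup_user, sizeof sesssetup_user, "%s", vuid_name[i]);
    return 1;
}
/* Expand each %U in src into dst (n bytes, n > 0), truncating safely. */
char *expand_U(const char *src, char *dst, size_t n)
{
    size_t o = 0;
    while (*src && o + 1 < n) {
        if (src[0] == '%' && src[1] == 'U') {
            o += (size_t)snprintf(dst + o, n - o, "%s", sesssetup_user);
            if (o >= n) o = n - 1;    /* snprintf truncated */
            src += 2;
        } else dst[o++] = *src++;
    }
    dst[o] = '\0';
    return dst;
}
int main(void)
{
    char buf[64];
    int named = session_setup("alice"), null_sess = session_setup("");
    if (check_vuid(named)) puts(expand_U("smb.conf.%U", buf, sizeof buf));
    if (check_vuid(null_sess)) puts(expand_U("smb.conf.%U", buf, sizeof buf));
    return 0;
}
```

In this model any include or path keyed on %U resolves to the guest account's name for an anonymous session, so whatever configuration exists for that account is what a null session gets.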

