samba-tng-alpha-1.2.tar.gz

Luke Kenneth Casson Leighton lkcl at samba.org
Wed Mar 22 21:41:02 GMT 2000


ok, you have partially answered your own question, with the SMBsesssetupX
message, there.

what is the domain PRANGHL?

it looks like you are connection from a trusted domain or a workstation,
and the domain name is being rejected as unknown, which is the *correct*
behaviour.

also, what doesn't work?  you don't explain what action you took that
generated this error message.  please remember that if you want an answer
to a question, try to avoid phrases with the word "it" :)

best regards,

luke

On Wed, 22 Mar 2000, Michael Glauche wrote:

> Luke Kenneth Casson Leighton wrote:
> > when using domain user map, when logging in and then accessing the samba
> > server, i re-enabled map_nt_and_unix_username() to allow the nt username
> > to be remapped to the unix username / share.
> 
> It still doesn't work here :((
> 
> Ok .. in log.smb I got:
> 
> nt name TESTWG\administrator gid 0 mapped to
> S-1-5-21-3091665109-2374745032-4202777493-500
> unixname = root, ntname = TESTWG\administrator type = 1
> load_name_map: Added 1 entries to name map.
> nobody is in 1 groups: 99
> uid 99 registered to name nobody
> Clearing default real name
> uid 99 vuid 100 registered to unix name nobody
> 
> ahh .. maybe here: ?
> 
> switch message SMBsesssetupX (pid 8241)
> passlen1: 24 passlen2: 24
> passlen: 24 24 Domain=[PRANGHL]  NativeOS=[Windows 2000 2195]
> NativeLanMan=[Window
> sesssetupX:name=[Administrator]
> lp_file_list_changed()
> file /opt/samba-tng//lib/smb.conf -> /opt/samba-tng//lib/smb.conf  last
> mod_time:
> 51:43 2000
> 
> lookupsmbpwntnam: nt user name PRANGHL\administrator
> name 'PRANGHL\administrator' split into domain:PRANGHL and nt
> name:administrator'
> Checking SMB password, user administrator domain PRANGHL
> password_ok: check SMB auth
> check_domain_security: PRANGH(2)
> get_any_dc_name: domain PRANGHL
> domain_client_validate: could not find domain PRANGHL, using local SAM
> cli_connection_init_auth: \\. \PIPE\lsarpc
> copy_nt_creds: null creds
> ncalrpc_l_use_add
> ncalrpc_l_find: lsarpc [8241,0]
> root is in 7 groups: 0, 1, 2, 3, 4, 6, 10
> uid 0 registered to name root
> Clearing default real name
> uid 0 vuid 101 registered to unix name root
> storing user 2031,65
> 
> This one confuses me:
> 
> cli_nt_login_network: 286
> make_id_info2: 854
> cli_net_sam_logon: srv:\\. mc:PRANGH ll: 2
> make_sam_info: 959
> make_clnt_info: 1158
> make_clnt_srv: 1013
>                 00009c smb_io_unistr2 uni_domain_name
>                     009c uni_max_len: 00000007
>                     00a0 undoc      : 00000000
>                     00a4 uni_str_len: 00000007
>                     00a8 buffer     : P.R.A.N.G.H.L.
>                 0000b6 smb_io_unistr2 uni_user_name
>                     00b8 uni_max_len: 0000000d
>                     00bc undoc      : 00000000
>                     00c0 uni_str_len: 0000000d
>                     00c4 buffer     : a.d.m.i.n.i.s.t.r.a.t.o.r.
>                 0000de smb_io_unistr2 uni_wksta_name
>                     00e0 uni_max_len: 00000006
>                     00e4 undoc      : 00000000
>                     00e8 uni_str_len: 00000006
>                     00ec buffer     : P.R.A.N.G.H.
> 
> and later
>             00e0 buffer_other_sids: 00000000
>             0000e4 smb_io_unistr2 user_name
>                 00e4 uni_max_len: 0000000d
>                 00e8 undoc      : 00000000
>                 00ec uni_str_len: 0000000d
>                 00f0 buffer     : a.d.m.i.n.i.s.t.r.a.t.o.r.
>             00010c smb_io_unistr2 full_name
>                 010c uni_max_len: 00000004
>                 0110 undoc      : 00000000
>                 0114 uni_str_len: 00000004
>                 0118 buffer     : r.o.o.t.
>             000120 smb_io_unistr2 - NULL logon_script
>             000120 smb_io_unistr2 profile_path
>                 0120 uni_max_len: 0000001e
>                 0124 undoc      : 00000000
>                 0128 uni_str_len: 0000001e
>                 012c buffer     :
> \.\.p.r.a.n.g.h.\.a.d.m.i.n.i.s.t.r.a.t.o.r.\.p.r.o.f.i.l.e.
>             000168 smb_io_unistr2 home_dir
>                 0168 uni_max_len: 00000016
>                 016c undoc      : 00000000
>                 0170 uni_str_len: 00000016
>                 0174 buffer     :
> \.\.p.r.a.n.g.h.\.a.d.m.i.n.i.s.t.r.a.t.o.r.
>             0001a0 smb_io_unistr2 - NULL dir_drive
>             01a0 num_groups2   : 00000007
>             0001a4 smb_io_gid
>                 01a4 g_rid: 000001f4
>                 01a8 attr : 00000007
> 
> a few lines later:
>                     0217 id_auth[5] : 05
>                     0218 sub_auths : 00000015 b84710d5 8d8bbbc8 fa814b95
>     0228 auth_resp   : 00000001
>     022c status      : 00000000
> cli_net_sam_logon:
> clnt_deal_with_creds: 153
> cred_create
>         sess_key : 662F1CD20A3CC54F
>         stor_cred: 5658BF69C7645E55
>         timestamp: 38d8cff8
>         timecred : 4E2898A2C7645E55
>         calc_cred: AA045363282FF7E8
> cred_assert
>         challenge : AA045363282FF7E8
>         calculated: AA045363282FF7E8
> credentials check ok
>         new clnt cred: 4E2898A2C7645E55
> domain_client_validate: user PRANGHLadministrator OK
> domain_client_validate: check lockout / pwd expired!
> password_ok: domain auth succeeded
> No such user administrator - using guest account
> nobody is in 1 groups: 99
> uid 99 registered to name nobody
> Clearing default real name
> uid 99 vuid 103 registered to unix name nobody
> 
> hmm ... strange !?
> he HAD mapped administrator correctly .. 
> or do I need to use 
> 
> root=PRANGHL/Administrator
> 
> in domainuser.map ??
> 
> TIA, 
>   Michael
> 

<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton    </a>
<a href=" http://cb1.com/~lkcl"  > Samba and Network Development   </a>
<a href=" http://samba.org"      > Samba Web site                  </a>
<a href=" http://mcp.com"        > Macmillan Technical Publishing  </a>
 
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals



More information about the samba-ntdom mailing list