users.map and real UID (smbstatus)

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Fri Apr 13 15:41:28 GMT 2001


Hallo Hans,
A couple of things:
you have map to guest = bad user
This means that if for some reason the user is not found, then your
connection will transparently
be made as your guest account (nobody).
Also in the share definitions, you specify guest ok = yes,
so again if something has gone wrong with the username/password pair that
was used to connect,
the connection will be made as guest.  So you get no errors, and can't tell
what is REALLY happening.

I would suggest that you comment out the "map to guest" parameter
temporarily, and set 
guest ok = no for the share in question, and try to connect again.
since you have security = share
and encrypt passwords = no (this is default, so if you don't specify
otherwise in the smb.conf file, this is 
what you get)
then when your client tries to connect, if you haven't changed your pc
registry to send plaintext passwords,
it will fail, and the only way you WILL get in is as guest...

If you set log level = 10
and log file = /usr/local/samba/var/log.%m

and do this test, you can send me the resultant log file (name will be
log.pcmachinename) and I can give you
more info.

Hope this helps,
Don

> -----Original Message-----
> From:	Troost, Hans [mailto:Hans.Troost at solvay.com]
> Sent:	Friday, April 13, 2001 3:56 AM
> To:	'samba at lists.samba.org'; 'samba-ntdom at lists.samba.org'
> Subject:	users.map and real UID (smbstatus)
> 
> L.S.
> 
> We use SAMBA 2.0.7 on SGI IRIX 6.5.4m to facilitate using unix shares on
> NT/W95 clients.
> 
> I created a users.map with e.g. next line:
> 
> aitht = nltroo01
> 
> when NT-domain user nltroo01 maps a unix share (via unix homes share)
> indeed his unix home directory (usr/people/aitht) is mapped to the client.
> 
> Inspecting the process on the SGI-machine (SGUX07) with smbstatus however
> shows that user nobody is is using the share aitht:
> 
> sgux07 28# ./smbstatus
> 
> Samba version 2.0.7
> Service      uid      gid      pid     machine
> ----------------------------------------------
> aitht        nobody   nobody   46707   we0w3944 (150.251.142.76) Fri Apr
> 13 08:58:25 2001
> Everything   nobody   nobody   46810   we0w5177 (150.251.142.117) Fri Apr
> 13 09:06:30 2001
> 
> No locked files
> 
> I hoped and expected that user aitht was the real UID using that share,
> because this mapping is done in users.map.
> 
> What parameters do I have to set in the smb.conf to achieve the mapping I
> want (so that aitht is using the share in stead of nobody?)
> 
> For more info: here is my smb.conf:
> 
> # Samba config file created using SWAT
> # from 150.251.142.171 (150.251.142.171)
> # Date: 2001/04/10 08:26:39
> 
> # Global parameters
> [global]
>         workgroup = WE0D0700
>         security = SHARE
>         map to guest = Bad User
>         username map = /usr/local/samba/lib/users.map
>         debug pid = Yes
>         debug uid = Yes
>         wins server = 150.251.137.134
>         delete readonly = Yes
> 
> [homes]
>         writeable = Yes
>         guest ok = Yes
>         browseable = No
> 
> [test]
>         path = /export/samba/test
>         writeable = Yes
>         guest ok = Yes
> 
> [Everything]
>         path = /
>         writeable = Yes
>         guest ok = Yes
> 
> Met vriendelijke groeten / With kind regards
> 
> Hans Troost
> 
> ################################################
> # Hans Troost
> # Atos Origin (at SOLVAY Pharmaceuticals B.V.)
> # Building WWM, room B-104
> # Postbox 900
> # 1380 DA, Weesp
> # The Netherlands
> #
> # E-mail : Hans.Troost at solvay.com
> # Phone (+31) (0)294-477492
> # Fax   (+31) (0)294-477140
> #
> # "non-SOLVAY"- and private mail :
> # Hans.Troost at nl.origin-it.com
> ###############################################
> 




More information about the samba-ntdom mailing list