Samba, Clearcase, and multiple credentials

Jeremy Allison jeremy at
Thu Nov 18 15:06:14 GMT 1999

FYI: I am on the road giving Samba talks at the moment,
I'll be able to address this more fully when I get back
on Friday.

"Frank R. Brown" <list.Frank at> wrote :

>>From David Boyce's posting of some info samba info he got
> from rational:

>> >|Being a prisoner of the SMB protocol and thus Microsoft's short-sighted
>> >|PC-think, Samba defines "client" not as a user or a user/system pair but
>> >|as a PC. I.e. it forks just one child process to handle all communications
>> >|with each NT _machine_.
>> This is the implementation issue. (It is not forced by SMB protocol which
>> distinguishes the session by the user's ID.) TAS forks a process for each
>> user/system pair. Although one TCP connection (with NetBT) is used between
>> the client PC and TAS server (thus multiple users are sharing the same
>> transport), TAS has the de/multiplexor for the TCP connection. (TAS does
>> the same for NetBEUI.)
>> It's up to Samba to implement such mechanism, which will be needed for NT
>> Terminal Server and Win2K's Terminal Service.
>> --- Seiichi
>> + Seiichi Tatsukawa +
>> + Rational Software, Lexington, MA +

This is true that it is an implementation issue.
However it is incorrect that Samba is a prisoner
of "Microsoft's short-sighted PC-think", as it
is actually by design.

> Okay...  I take this to mean (in the 'credentials' language I've been
> using) that  1) *SMB* permits multiple connections with different
> credentials between the same two machines;  2) some SMB
> servers, in particular TAS, support this;  and 3) samba doesn't.

3). Is incorrect, Samba does support this.

I implemented the multiple user session support in
Samba, and it is designed to keep it within one process.
smbd switches userid on each *different* vuid incoming
and so can easily support multiple users multiplexed
into one smbd (I implemented this to support logging
from an NT service running under a different user context,
which is the most common case of this).

Now this is very inefficient for products such as 
terminal server etc., but these products are quite
rare. However, Seiichi Tatsukawa is incorrect when he
states that "which will be needed for NT Terminal Server
and Win2K's Terminal Service".

If you take a look at the .reg file called 


that shipped with the Samba 2.0.6 source tree,
you will find it modifies a registry entry to
cause Windows Terminal server to create *new* SMB
connections (and hence new smbd servers) for each
user connection. There are many people running happily 
on WinTermServ with this setting, which was
why it was included in the 2.0.6 release.

Follow up if you still have questions, and if 
someone could forward this to Seiichi Tatsukawa
at Rational I'd appreciate it (his email address
was not listed in the message).


	Jeremy Allison,
	Samba Team.

More information about the samba-technical mailing list