Session username vs. Real username

Gerald Carter gcarter at
Wed Dec 6 13:55:31 GMT 2000

"Anders C. Thorsen" wrote:
> The way I've understood the SMB protocol, when a client 
> connects to a server, it passess a username which is 
> the session username, which is not neccesarry
> the same username as it will later be authenticated as.
> Am I right?
> Which brings me to the real question. When a user browses 
> the list of sharings, is there any case where the username will 
> be a authenticated username, and any cases where it will 
> always be a auth. username?

You questions relate more to Samba's implementation (or a 
given server implementation) rather than the protocol itself.
For example, a windows 9x client transmits the username in
all upper case letters.  This is the session username you
are referring to.  However, most UNIX usernames are case 
insensitive and I have never met a sysadmin who didn't 
follow convention by making usernames in all lower case 
characters.  Therefore samba does an internal mapping between 
these two.  Other instances could be traced to the 'force 
user' parameter.

Now onto your real question, When browsing, IIRC a Windows 
box will attempt to browse a server using the username
and password enter at logon.  As opposed to an anonymous
connection.  So if this is a valid account on the 
server, then you are set.  If the account is not valid,
then you get into guest logons, etc...

Make sense?

CHeers, jerry

   /\  Gerald (Jerry) Carter                     Professional Services
 \/  VA Linux Systems   gcarter at       SAMBA Team          jerry at                     jerry at

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba-technical mailing list