samba 3.0.1rc- secutity=ads - Problem with username map

Hansjoerg Maurer Hansjoerg.Maurer at dlr.de
Thu Oct 30 10:04:54 GMT 2003 

Hi,

I have successfully joined a samba 3.0.1rc server with security=ads to a 
W2k AD-Server.
Connecting to a share works fine.
Our testuser has in AD a differnt username than on Unix (NIS)
Therefore we use a username map.
  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
[2003/10/30 08:34:38, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(286)
  Got user=[maurerh] domain=[DLR] workstation=[ADRMPC042] len1=24 len2=24

When I try to connect to the computer
with the MS Snap-In "Admin-Computer" (Computer verwalten in german)
access is denied and samba logs the following:

 NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
[2003/10/29 16:34:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(385)
  Got OID 1 2 840 48018 1 2 2
[2003/10/29 16:34:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(385)
  Got OID 1 2 840 113554 1 2 2
[2003/10/29 16:34:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(385)
  Got OID 1 3 6 1 4 1 311 2 2 10
[2003/10/29 16:34:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(388)
  Got secblob of size 1270
[2003/10/29 16:34:42, 3] smbd/sesssetup.c:reply_spnego_kerberos(178)
  Ticket name is [maurerh at INTRA.DLR.DE]
[2003/10/29 16:34:42, 1] smbd/sesssetup.c:reply_spnego_kerberos(218)
  Username maurerh is invalid on this system
[2003/10/29 16:34:42, 3] smbd/error.c:error_packet(94)


If I create the local user maurerh on the linux machine
it works and i can connect.

Greetings

Hansjörg




-- 
_________________________________________________________________

Dr.  Hansjoerg Maurer           | LAN- & System-Manager
                                |
Deutsches Zentrum               | DLR Oberpfaffenhofen
  f. Luft- und Raumfahrt e.V.   |
Institut f. Robotik             |
Postfach 1116                   | Muenchner Strasse 20
82230 Wessling                  | 82234 Wessling
Germany                         |
                                |
Tel: 08153/28-2431              | E-mail: Hansjoerg.Maurer at dlr.de
Fax: 08153/28-1134              | WWW: http://www.robotic.dlr.de/
__________________________________________________________________

More information about the samba-technical mailing list