Smb multi-sessions, samba3.0.2pre1

Michael B Allen mba2000 at ioplex.com
Tue Jan 20 00:30:19 GMT 2004


Jianliang Lu said:
> An NT interactive logon process will establish 2 connections between the
> server and workstation: the first connection is anonymous, and the second
> is the domain/user. So at the end we have, for example:
> 	smb_tid = 1, smb_uid = 100 for anonymous
> 	smb_tid = 2, smb_uid = 101 for user
>
> From the trace I have seen that the NT workstation that logged with
> Domain/user (smb_uid 101) made a "CreateAndX" to path /samr with the
> smb_tid=1 and smb_uid=101, instead of smb_tid=2.

A tid is unique to a specific session. So in theory you could have:

    smb_tid = 1, smb_uid = 100 for anonymous
    smb_tid = 1, smb_uid = 101 for user

and this would be perfectly legit. Send me the trace and I will confirm.

> My question is: when we have the situation like above, that means, the
> conn->uid is different from the vuid (smb_uid), how do we set the effective
> uid? We should set it with the uid of conn->uid (now Samba did) or use the
> uid of vuid (smb_uid)? I think that the correct setting is the uid of
> smb_uid. Could you give me some suggestions?

I don't know samba internals so someone else can give you a definitive
answer but I can say this -- for each SMB the server should do the
equivalent of looking up the session by uid from the transport and then
looking up the tree from that session by tid. Now one might hash these
values together and store them in the same hash table but it should not be
possible to lookup a tree created over a different session for example.

Mike
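
The two-step lookup described in the reply above (session by uid from the transport, then tree by tid within that session), as an added example that is not part of the original message and not Samba's code. The struct and function names are hypothetical, and the sample state is constructed from the uid/tid pairs quoted in the thread.

```c
#include <stdint.h>
#include <stdio.h>

enum { MAX_SESSIONS = 4, MAX_TREES = 4 };

/* Hypothetical types for illustration; these are not Samba's structures. */
struct tree      { uint16_t tid; int in_use; };
struct session   { uint16_t uid; int in_use; struct tree trees[MAX_TREES]; };
struct transport { struct session sessions[MAX_SESSIONS]; };

/* Step 1: find the session on this transport by smb_uid. */
static struct session *find_session(struct transport *t, uint16_t uid)
{
    for (size_t i = 0; i < MAX_SESSIONS; i++)
        if (t->sessions[i].in_use && t->sessions[i].uid == uid)
            return &t->sessions[i];
    return NULL;
}

/* Step 2: find the tree by smb_tid, searching only that session's trees. */
static struct tree *find_tree(struct transport *t, uint16_t uid, uint16_t tid)
{
    struct session *s = find_session(t, uid);
    if (s == NULL)
        return NULL;                /* unknown uid */
    for (size_t i = 0; i < MAX_TREES; i++)
        if (s->trees[i].in_use && s->trees[i].tid == tid)
            return &s->trees[i];
    return NULL;                    /* tid was not created over this session */
}

/* Constructed state using the uid/tid pairs quoted in the thread. */
static struct transport sample_transport(void)
{
    struct transport t = {0};
    t.sessions[0] = (struct session){ .uid = 100, .in_use = 1 };  /* anonymous */
    t.sessions[0].trees[0] = (struct tree){ .tid = 1, .in_use = 1 };
    t.sessions[1] = (struct session){ .uid = 101, .in_use = 1 };  /* user */
    t.sessions[1].trees[0] = (struct tree){ .tid = 2, .in_use = 1 };
    return t;
}

int main(void)
{
    struct transport t = sample_transport();
    printf("uid=101 tid=2: %s\n", find_tree(&t, 101, 2) ? "found" : "no tree");
    printf("uid=101 tid=1: %s\n", find_tree(&t, 101, 1) ? "found" : "no tree");
    return 0;
}
```

With this layout the same tid value can exist under two sessions and still resolve to two distinct trees, while a tid created over one session is never reachable through another session's uid.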

