Samba4 as a member server against an NT4 PDC

Richard Sharpe rsharpe at
Sun Apr 3 05:34:27 GMT 2005

On Sat, 2 Apr 2005, Andrew Bartlett wrote:

> > > The only interesting thing I can see at this point is that the negotiate
> > > flags on the ServerAuthenticate2 are 0x600FFFFF, while another more
> > > successful capture I have for an NT4 PDC uses 0x000001FF.
> >
> > OK, so I forced the negotiate_flags to 0x1FF at the appropriate point, and
> > now we get past the ServerAuthenticate2 request, but things went to hell
> > in a handbasket after that (SMB_PANIC ...)
> This is the issue with being unable to map these SIDs to posix
> identities?  We need idmap (no, not again!), but in the meantime we can
> have as-root access by setting 'ntvfs handler = default' rather than the
> default of 'ntvfs handler = unixuid default'.

OK, now I undertstand what you were talking about, although I still had
problems after Metze's commit ...

It seems to me that for a Member server you want to consult LDAP for the
mapping of SIDs to UIDs, but perhaps do it via winbindd? At the moment the
unixuid handler seems to assume that everything you want will be in gendb.

Richard Sharpe, rsharpe[at], rsharpe[at],

More information about the samba-technical mailing list