SAMBA3.5pre2-Does map untrusted to domain work?

Wed Jan 6 12:11:05 MST 2010

I had asked this previously.
I had read that the "map untrusted to domain" is supposed to revert back to the way SAMBA previously authenticated the
users, if needed per this thread: 

"Previous to my patches, smbd would replace an untrusted domain name, or
a NULL domain name, with the primary domain, and then try to
authenticate that name against the DC.  This, while not matching Windows
behavior, seems to be the behavior you're expecting and want in your
setup.  That's why the "map untrusted to domain" parameter exists, to
allow you to revert to the previous non-Windows behavior."

Unless I am missing something, this switch does not seem to work in that I can't get the user
authenticated to a SAMBA share unless the domain is also specified with the username.  The logs show that
the machine's name is used as the domain name, unless you specify the real domain name when authenticating.

Log with just username:
Got user=[someuser] domain=[XPMachine] workstation=[XPMachine]

Log when you specify domain (which is what I need without specifying the domain):
Got user=[someuser] domain=[DomainSambaJoinedTo] workstation=[XPMachine]

The test setup is SAMBA3.5 pre2 joined to a Windows 2008 R2 active directory server.  The machine trying
to access the share is an XP SP3 machine and is NOT joined to the 2008 R2 AD server.

Thanks for the help!

NOTICE - This communication may contain confidential and privileged information that is for the sole use of the intended recipient. Any viewing, copying or distribution of, or reliance on this message by unintended recipients is strictly prohibited.  If you have received this message in error, please notify us immediately by replying to the message and deleting it from your computer.

More information about the samba-technical mailing list