username map and encrypted passwords

malc at praxisint.com malc at praxisint.com
Wed Oct 8 22:20:10 GMT 1997


Hello,
     I'm running Samba 1.9.17p2 (compiled with DES) on FreeBSD 2.2-STABLE
and
trying to connect w/ NT 4.0 workstation SP3. I have updated the registry on
 the NT box
correctly to enable clear text passwords. I have 'server = user' defined in
 smb.conf. (the
rest of the smb.conf global defines are listed below).  I have a username
map defined
as well since many of our NT user names are not the same as our unix user
names. If I
enable encrypted passwords and use the smbpasswd file then Samba does the
right thing with mapping usernames and logging in successfully. However, if
 I
disable encrypted passwords, then apparently, only users who have the same
user name for NT and unix are able to log in successfully. Those users who
need username translation via the username map are unable to log in. The
symptoms are the same as if clear text passwords were not enabled on the NT
box ("incorrect username/password"). After looking at the Samba logs, it
looks
like the username map *is* in fact being scanned when a connection request
is received.

Here is a snippet from the log file (an unsuccessful connection)

pm_process() returned Yes
adding IPC service
Netmask for de0 = 255.255.255.0
Derived broadcast address 204.166.158.255
Added interface ip=204.166.158.149 bcast=204.166.158.255
nmask=255.255.255.0
10/08/97 11:43:45 loaded services
10/08/97 11:43:45 changed root to /
priming nmbd
sending a packet of len 1 to (127.0.0.1) on port 137 of type DGRAM
10/08/97 11:43:45 Transaction 0 of length 72
netbios connect: name1=SUN              name2=WAIMEA
Scanning username map /usr/local/samba/lib/username.map
10/08/97 11:43:45 Transaction 1 of length 174
switch message SMBnegprot (pid 12543)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [XENIX CORE]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [LANMAN1.0]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [LM1.2X002]
Requested protocol [LANMAN2.1]
Requested protocol [NT LM 0.12]
Selected protocol NT LM 0.12
end of file from client
Closing connections
10/08/97 11:43:45 Server exit  (normal exit)

Here's are the globals in my smb.conf:


[global]

; logging debug level
   debug level = 4
; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
   workgroup = NTDOMAIN

; comment is the equivalent of the NT Description field
   comment = Samba Server

; printing = BSD or SYSV or AIX, etc.
   printing = bsd
   printcap name = /etc/printcap
   load printers = no

; log file
  log file = /usr/local/samba/var/log.smb
; Put a capping on the size of the log files (in Kb)
   max log size = 100

; Options for handling file name case sensitivity and / or preservation
; Case Sensitivity breaks many WfW and Win95 apps
   case sensitive = yes
   short preserve case = yes
   preserve case = yes

; Security and file integrity related options
   lock directory = /usr/local/samba/var/locks
   locking = yes
; Strict locking is available for paranoid locking situations only
;        enabling this severely degrades read / write performance.
;   strict locking = yes
;   fake oplocks = yes
   share modes = yes

; enable Windows to Unix username translation
    username map = /usr/local/samba/lib/username.map

; Security modes: USER uses Unix username/passwd, SHARE uses WfW type
passwords
;        SERVER uses an other SMB server (eg: Windows NT Server or Samba)
;        to provide authentication services
   security = user
; enable encrypted passwords.
   encrypt passwords = no

; WINS Server - Tells the NMBD components of Samba to be a WINS Client
; Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
   wins server = 204.166.158.8

Is there a solution? Something I missed? Is anyone else having the
same problem?

Thanks in Advance.

-Malc




More information about the samba mailing list