username map and encrypted passwords

malc at malc at
Wed Oct 8 22:20:10 GMT 1997

     I'm running Samba 1.9.17p2 (compiled with DES) on FreeBSD 2.2-STABLE
trying to connect w/ NT 4.0 workstation SP3. I have updated the registry on
 the NT box
correctly to enable clear text passwords. I have 'server = user' defined in
 smb.conf. (the
rest of the smb.conf global defines are listed below).  I have a username
map defined
as well since many of our NT user names are not the same as our unix user
names. If I
enable encrypted passwords and use the smbpasswd file then Samba does the
right thing with mapping usernames and logging in successfully. However, if
disable encrypted passwords, then apparently, only users who have the same
user name for NT and unix are able to log in successfully. Those users who
need username translation via the username map are unable to log in. The
symptoms are the same as if clear text passwords were not enabled on the NT
box ("incorrect username/password"). After looking at the Samba logs, it
like the username map *is* in fact being scanned when a connection request
is received.

Here is a snippet from the log file (an unsuccessful connection)

pm_process() returned Yes
adding IPC service
Netmask for de0 =
Derived broadcast address
Added interface ip= bcast=
10/08/97 11:43:45 loaded services
10/08/97 11:43:45 changed root to /
priming nmbd
sending a packet of len 1 to ( on port 137 of type DGRAM
10/08/97 11:43:45 Transaction 0 of length 72
netbios connect: name1=SUN              name2=WAIMEA
Scanning username map /usr/local/samba/lib/
10/08/97 11:43:45 Transaction 1 of length 174
switch message SMBnegprot (pid 12543)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [XENIX CORE]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [LANMAN1.0]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [LM1.2X002]
Requested protocol [LANMAN2.1]
Requested protocol [NT LM 0.12]
Selected protocol NT LM 0.12
end of file from client
Closing connections
10/08/97 11:43:45 Server exit  (normal exit)

Here's are the globals in my smb.conf:


; logging debug level
   debug level = 4
; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
   workgroup = NTDOMAIN

; comment is the equivalent of the NT Description field
   comment = Samba Server

; printing = BSD or SYSV or AIX, etc.
   printing = bsd
   printcap name = /etc/printcap
   load printers = no

; log file
  log file = /usr/local/samba/var/log.smb
; Put a capping on the size of the log files (in Kb)
   max log size = 100

; Options for handling file name case sensitivity and / or preservation
; Case Sensitivity breaks many WfW and Win95 apps
   case sensitive = yes
   short preserve case = yes
   preserve case = yes

; Security and file integrity related options
   lock directory = /usr/local/samba/var/locks
   locking = yes
; Strict locking is available for paranoid locking situations only
;        enabling this severely degrades read / write performance.
;   strict locking = yes
;   fake oplocks = yes
   share modes = yes

; enable Windows to Unix username translation
    username map = /usr/local/samba/lib/

; Security modes: USER uses Unix username/passwd, SHARE uses WfW type
;        SERVER uses an other SMB server (eg: Windows NT Server or Samba)
;        to provide authentication services
   security = user
; enable encrypted passwords.
   encrypt passwords = no

; WINS Server - Tells the NMBD components of Samba to be a WINS Client
; Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
   wins server =

Is there a solution? Something I missed? Is anyone else having the
same problem?

Thanks in Advance.


More information about the samba mailing list