Question on User validation

James Strauch jamey at beasys.com
Tue Jan 12 00:30:45 GMT 1999


>
>         


Samba Fans:
I currently have a number of samba servers running Samba-1.9.18 on Solaris
2.6.
But each and every share requires the user to log in with not just the
password
but the correct username as well. Here is the interesting part. I left the
security parameter as default, security=share. 

# Global parameters
        security = share
        workgroup = BEACORP
[backup1]
        path = /export/backup/%U
        admin users = wwong,jamey
        force user = samba
        read only = No
        create mask = 0766

Then if security is set to share AND within the share configuration force user
= samba, the log.smb gives me the following without prompting for both a
username and password:

>
> [1999/01/11 15:28:54, 1] smbd/files.c:file_init(219)
>   file_init: Information only: requested 10000 open files, 1014 are
> available.
> [1999/01/11 15:29:10, 0] smbd/service.c:make_connection(437)
>   Can't change directory to /export/backup/camaro (No such file or
directory)
> [1999/01/11 15:29:10, 0] smbd/service.c:make_connection(437)
>   Can't change directory to /export/backup/camaro (No such file or
directory)
> [1999/01/11 15:29:10, 0] smbd/service.c:make_connection(437)
>   Can't change directory to /export/backup/camaro (No such file or
directory)
> [1999/01/11 15:29:10, 0] smbd/service.c:make_connection(437)
>   Can't change directory to /export/backup/camaro (No such file or
directory)
> [1999/01/11 15:29:10, 0] smbd/service.c:make_connection(437)
>   Can't change directory to /export/backup/camaro (No such file or
directory)


>
> The strange thing about this is the path that samba cannot find (
> /export/backup/camaro) is the path it attempts to creat from the line:


                path = /export/backup/%U

But the string "camaro" is the name of the client machine not the user logged
into the client machine. 

But if  security=server and the force user is turned off, log.smb shows this
after a user-name and password is given when browsing the machine:
 camaro (172.16.15.245) connect to service backup1 as user jamey 
 (uid=5671, gid=10) (pid 9627)

The goal is to enable these shares to recognize the windows login-name as the
user-id and pass along the passwords (note: the clear-text password registry
fix has been applied.)
How do I make this happen?


When I turn up the debug level I get things like this:
================================================
                log.smb snipet:

1999/01/11 16:28:16, 3] smbd/reply.c:reply_sesssetup_and_X(675)
  Domain=[BEACORP]  NativeOS=[Windows NT 1381] NativeLanMan=[]
[1999/01/11 16:28:16, 3] smbd/reply.c:reply_sesssetup_and_X(679)
  sesssetupX:name=[CAMARO]
[1999/01/11 16:28:16, 3] smbd/reply.c:reply_sesssetup_and_X(797)
  Registered username samba for guest access
[1999/01/11 16:28:16, 3] smbd/process.c:process_smb(565)
  Transaction 23 of length 74
[1999/01/11 16:28:16, 3] smbd/process.c:switch_message(402)
  switch message SMBtconX (pid 10356)
[1999/01/11 16:28:16, 3] lib/doscalls.c:dos_ChDir(327)
  dos_ChDir to /usr/local/samba
[1999/01/11 16:28:16, 3] smbd/password.c:authorise_login(788)
  ACCEPTED: guest account and guest ok
[1999/01/11 16:28:16, 3] smbd/service.c:make_connection(382)
  Connect path is /export/backup/camaro
[1999/01/11 16:28:16, 3] smbd/password.c:setup_groups(192)
  samba is in 1 groups: 1
[1999/01/11 16:28:16, 3] lib/doscalls.c:dos_ChDir(327)
  dos_ChDir to /export/backup/camaro
[1999/01/11 16:28:16, 0] smbd/service.c:make_connection(437)
  Can't change directory to /export/backup/camaro (No such file or directory)
[1999/01/11 16:28:16, 3] smbd/connection.c:yield_connection(40)
  Yielding connection to backup
[1999/01/11 16:28:16, 3] smbd/connection.c:yield_connection(40)
  Yielding connection to STATUS.
================================================



James Strauch
Senior Systems Administrator 
BEA Systems Inc.






-------------- next part --------------
HTML attachment scrubbed and removed


More information about the samba mailing list