security=server & local smbpasswd file fallbacks?

[MCCALL,DON (HP-USA,ex1)]

Hi Axel,
You guess right - Samba in server security will 1st try to authenticate
against the password server you specify, but if that fails, he will attempt
to authenticate against the local smbpasswd file; sort of like having 'local
users' that are only available on your SAMBA system, but not in the whole
domain.
The messages you are seeing in the debug file are set to DEBUG(0,...
so even with a log level = 0 you will see these messages.
Hope this helps,
Don

-----Original Message-----
From: Axel Thimm [mailto:Axel.Thimm at physik.fu-berlin.de]
Sent: Wednesday, February 14, 2001 5:22 PM
To: samba at samba.org
Subject: security=server & local smbpasswd file fallbacks?


security=server does delegate the authetication to the named server. This
works wuite well in our setup. I am wondering what the following log
messages
may mean:

Feb 14 19:49:06 matth5 smbd[2057]: [2001/02/14 19:49:06, 0, pid=2057]
passdb/smbpass.c:startsmbfilepwent_internal(87)
Feb 14 19:49:06 matth5 smbd[2057]:   startsmbfilepwent_internal: unable to
open file /var/samba/private/smbpasswd. Error was No such file or directory
Feb 14 19:49:06 matth5 smbd[2057]: [2001/02/14 19:49:06, 0, pid=2057]
passdb/passdb.c:iterate_getsmbpwnam(150)
Feb 14 19:49:06 matth5 smbd[2057]:   unable to open smb password database.

Why does the "client" want to look up *his own* smbpasswd file? Does the
protocol allow looking up first in a central database (security = server)
and
then fall back to a local one (security = user)? Is that a feature or a bug,
i.e. should one exploit this feature perhaps?

And how do I turn off those irritating log messages? Setting smb password
file
to a zero string? Or creating a zero sized smbpasswd file? (I'd prefer the
first solution, if it exists, as it is more intuitive for me.)

Regards, Axel.
-- 
Axel.Thimm at physik.fu-berlin.de