[Samba] smbusers and wildcards

Kall, Bruce A. kall at mayo.edu
Wed Nov 5 15:20:50 GMT 2003


It is my understanding that if you have a wildcard in smbusers, it 
should only apply this if the particular users is not in your 
/etc/password file.  Is this true?  It appears like samba is rolling 
down the smbusers file and everything gets mapped to my wildcard user.

Eg.

smbusers:

root = administrator admin
nobody = guest pcguest smbguest
myunixlogin = mysmblogin
www-users = *

If I map a drive as mysmblogin in my log I get:

lib/username.c: map_username(160)
Mapped user mysmblogin to myunixlogin
lib/username.c: map_username(160)
Mapped user myunixlogin to www-users

I am using

security=server in my smb.conf to authenticate against a NT domain 
controller.  It is my understanding that samba should stop at the first 
match it finds in smbusers, but this is not what is happening.

What is the correct method to set up smbusers to get those that have 
known user accounts on my unix box mapped to those accounts and everyone 
else (hence the wildcard) to www-users (I need this so I can restrict 
some shares with valid-users)

If I don't have a www-users = * in my smbusers file, then validating 
against my NT domain controller fails because it passes the name of my 
guest account to the DC instead of the login name my user enters.  If I 
have the wildcard in smbusers (and a matching www-users account on my 
unix box with a disabled unix login) it does pass the correct name to 
the NT domain controller.

Suggestions?



Thanks,
Bruce


-- 
=========================================================
Bruce Kall
Mayo Clinic
200 First ST SW, 1-241 STM
Rochester, MN 55905
507-255-4768
=========================================================




More information about the samba mailing list