[Samba] $ in domain name, Samba 2.2.8a

Stuckless, Colin 709 778-3815 cstuckless at petro-canada.ca
Fri Sep 26 16:05:52 GMT 2003


I recently upgraded samba to 2.2.8a on a Solaris 8 server. Previously we
were running an older version on Solaris 2.6. I am using domain security to
authenticate users to an NT based PDC, and have a username map for matching
Windows usernames to Unix usernames.

The problem I'm having is that users in the same domain as the Solaris
server are authenticating fine, but users in a domain trusted by that domain
are not authenticating. For example, if the local domain is DOMB and the
trusted domain with the dollar sign is $DOMA, in my smb log I see:

domain_client_validate: unable to validate password for user FOO in domain
_DOMA to Domain controller *. Error was NT_STATUS_NO_SUCH_USER.

It looks to me like the $ in $DOMA is being mapped to an underscore
("_DOMA"), and I'm guessing that the PDC is being asked to validate a user
in a domain "_DOMA" that it knows nothing about. Or perhaps this is a red
herring, and the $ is preserved in the smb communication but just not in my
log file.

I didn't have this problem under the older samba version I was running (also
using domain security and our NT based PDC). Any ideas?

Best Regards,

Colin Stuckless


This email communication is intended as a private communication for the sole
use of the primary addressee and those individuals listed for copies in the
original message. The information contained in this email is private and
confidential and if you are not an intended recipient you are hereby
notified that copying, forwarding or other dissemination or distribution of
this communication by any means is prohibited.  If you are not specifically
authorized to receive this email and if you believe that you received it in
error please notify the original sender immediately.  We honour similar
requests relating to the privacy of email communications.

Cette communication par courrier électronique est une communication privée à
l'usage exclusif du destinataire principal ainsi que des personnes dont les
noms figurent en copie.  Les renseignements contenus dans ce courriel sont
confidentiels et si vous n'êtes pas le destinataire prévu, vous êtes avisé,
par les présentes que toute reproduction, tout transfert ou toute autre
forme de diffusion de cette communication par quelque moyen que ce soit est
interdit.  Si vous n'êtes pas spécifiquement autorisé à recevoir ce courriel
ou si vous croyez l'avoir reçu par erreur, veuillez en aviser l'expéditeur
original immédiatement.  Nous respectons les demandes similaires qui
touchent la confidentialité des communications par courrier électronique.

More information about the samba mailing list