[Samba] Strange authentication problem - Samba 3.0.2a

Jay D. Anderson Jay.Anderson at dw.deere.com
Fri Apr 16 18:01:02 GMT 2004

This problem appears to be a bug.

I am seeing the problem running Samba 3.0.2a on both Solaris 8 and RH 
Linux ES3.  This problem was not present in Samba 2.2.8a.

The Samba servers are member servers of an Active Directory domain, and 
all other file and print sharing is working well.  Global section of 
smb.conf included below.

On a Windows XP client that hasn't been added to Active Directory yet, 
domain credentials will not authenticate to the Samba server if the 
credentials are given in the form username at mydomain.com.  The same 
operation against a Windows server works fine.  If the credentials are 
supplied in other forms to the Samba server, they will work (e.g., 
mydomain\username, mydomain.com\username).  If the Windows XP client is 
added to the AD domain, the credentials will work in any of the formats.

 From an auth:10 debug, it appears Samba is using the entire 
username at mydomain.com string as the username rather than breaking it 
into username and domain components.

Thank you very much for taking a look at this.

        realm = MYDOMAIN.COM
        security = ADS
        netbios name = SERVER1
        password server = ADPS1.MYDOMAIN.COM,ADPS2.MYDOMAIN.COM
        interfaces =
        encrypt passwords = Yes
        map to guest = Bad User
        username map = /usr/local/samba/lib/users.map
        host msdfs = Yes
        time server = Yes
        deadtime = 5
        socket options = TCP_NODELAY
        local master = No
        dns proxy = No
        workgroup = MYDOMAIN
        name resolve order = host wins bcast
        wins server =

Jay D. Anderson                         John Deere Davenport Works
Jay at DW.Deere.com                        P.O. Box 4198
Phone: 563.388.4268 Fax: 563.388.4159   Davenport, Iowa 52808

More information about the samba mailing list