[Samba] Strange authentication problem - Samba 3.0.2a
Jay D. Anderson
Jay.Anderson at dw.deere.com
Fri Apr 16 18:01:02 GMT 2004
This problem appears to be a bug.
I am seeing the problem running Samba 3.0.2a on both Solaris 8 and RH
Linux ES3. This problem was not present in Samba 2.2.8a.
The Samba servers are member servers of an Active Directory domain, and
all other file and print sharing is working well. Global section of
smb.conf included below.
On a Windows XP client that hasn't been added to Active Directory yet,
domain credentials will not authenticate to the Samba server if the
credentials are given in the form username at mydomain.com. The same
operation against a Windows server works fine. If the credentials are
supplied in other forms to the Samba server, they will work (e.g.,
mydomain\username, mydomain.com\username). If the Windows XP client is
added to the AD domain, the credentials will work in any of the formats.
From an auth:10 debug, it appears Samba is using the entire
username at mydomain.com string as the username rather than breaking it
into username and domain components.
Thank you very much for taking a look at this.
[global]
realm = MYDOMAIN.COM
security = ADS
netbios name = SERVER1
password server = ADPS1.MYDOMAIN.COM,ADPS2.MYDOMAIN.COM
interfaces = 166.122.99.1/20 166.122.99.50/20
encrypt passwords = Yes
map to guest = Bad User
username map = /usr/local/samba/lib/users.map
host msdfs = Yes
time server = Yes
deadtime = 5
socket options = TCP_NODELAY
local master = No
dns proxy = No
workgroup = MYDOMAIN
name resolve order = host wins bcast
wins server = 166.122.99.135 166.122.15.103
--
---------------------------------------------------------------------
Jay D. Anderson John Deere Davenport Works
Jay at DW.Deere.com P.O. Box 4198
Phone: 563.388.4268 Fax: 563.388.4159 Davenport, Iowa 52808
More information about the samba
mailing list