[Samba] Authentication issue still exists in 3.0.3

Jay D. Anderson Jay.Anderson at dw.deere.com
Fri Apr 30 17:23:55 GMT 2004

I wrote about this problem more than a week ago, but got no response.  I 
upgraded to 3.0.3 hoping this issue would go away, but it hasn't.

I am seeing the problem running Samba 3.0.2a or 3.0.3 on both Solaris 8 
and RH Linux ES3.  This problem was not present in Samba 2.2.8a.

The Samba servers are member servers of an Active Directory domain, and 
all other file and print sharing is working well.  Global section of 
smb.conf included below.  I am not running winbindd.

On a Windows XP client that hasn't been added to Active Directory yet, 
domain credentials will not authenticate to the Samba server if the 
credentials are given in the form username at mydomain.com.  The same 
operation against a Windows server works fine.  If the credentials are 
supplied in other forms to the Samba server, they will work (e.g., 
mydomain\username, mydomain.com\username).  If the Windows XP client is 
added to the AD domain, the credentials will work in any of the formats.

 From an auth:10 debug, it appears Samba is using the entire 
username at mydomain.com string as the username rather than breaking it 
into username and domain components.  I have a "log level = 3 auth:10" 
log file available on request.

Thank you very much for taking a look at this.

       realm = MYDOMAIN.COM
       security = ADS
       netbios name = SERVER1
       password server = ADPS1.MYDOMAIN.COM,ADPS2.MYDOMAIN.COM
       interfaces =
       encrypt passwords = Yes
       map to guest = Bad User
       username map = /usr/local/samba/lib/users.map
       host msdfs = Yes
       time server = Yes
       deadtime = 5
       socket options = TCP_NODELAY
       local master = No
       dns proxy = No
       workgroup = MYDOMAIN
       name resolve order = host wins bcast
       wins server =

Jay D. Anderson                         John Deere Davenport Works
Jay (at) DW.Deere.com                        P.O. Box 4198
Phone: 563.388.4268 Fax: 563.388.4159   Davenport, Iowa 52808

More information about the samba mailing list