[Samba] Winbind separator char causing make_server_info_from_pw
failed errors
Gerald (Jerry) Carter
jerry at samba.org
Tue Dec 14 04:24:38 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
malk at sidehack.sat.gweep.net wrote:
| In 3.0.8, users connections would have the domain
| and separator char for spnego kerberos replies and
| if the separator is something other than
| the default of \, it will cause errors like this:
I don't think this is correct. Your statement about the
winbind separator. If you can prove to me that it was
the separator character causing your problems, then we'll
fix it. I think that you likely had some other configuration
error.
I'll gladly change my mind if you help me find such a bug
in our code.
cheers, jerry
|
| [2004/12/13 17:44:21, 1] smbd/service.c:make_connection_snum(648)
| 192.168.171.131 (192.168.171.131) connect to service debian-mirror
initially as user VIASAT-emalkowski (uid=10356, gid=10000) (pid 11519)
| [2004/12/13 17:44:22, 1] smbd/sesssetup.c:reply_spnego_kerberos(265)
| make_server_info_from_pw failed!
| [2004/12/13 17:44:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(265)
| make_server_info_from_pw failed!
| [2004/12/13 17:44:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(265)
| make_server_info_from_pw failed!
| [2004/12/13 17:44:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(265)
| make_server_info_from_pw failed!
| [2004/12/13 17:44:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(265)
| make_server_info_from_pw failed!
|
|
| It seems the VIASAT-emalkowski is confusing windows -- it would rather see
| VIASAT\emalkowski.
|
| Anyway -- I simply removed my winbind separator char override from
smb.conf
| as I use "winbind use default domain = yes" anyway making the separator
| setting a relic from the days I had DOMAIN-usernames in the pw entries
winbind
| provided.
|
| Perhaps a note in the documentation might be a good idea to warn the user
| about changing the winbind separator char from "\" and how it could cause
| errors like above since the separator is affecting what gets sent back
| as the username to a windows domain controller and anything other than "\"
| will seems to cause havoc.
|
| Hope this post will help anyone having similar problems ... this one
| didn't seem too obvious to me until I noticed the DOMAIN-username in
the logs
| on 3.0.8, but only username in the logs on 3.0.2. Once DOMAIN\username
| was in the logs, all was well.
|
| -Eric Malkowski
- --
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBvmsGIR7qMdg1EfYRAmZPAKDBhVZYU6p2MozFMwyeZt3AzlFmfwCgipY0
Xvvk9YkC8m2t1X5+Prla7Q0=
=+kdA
-----END PGP SIGNATURE-----
More information about the samba
mailing list