[Samba] Erronous username character substitution ( %u )

Jeroen Vogelpoel n.a.vogelpoel at chello.nl
Wed Jun 16 13:38:59 GMT 2004 

Good day,

I'm having a few problems with Samba 3.0.2a, specifically involving the 
username character substitute, %u. For some reason, Samba resolves the 
%u character wrongly when used in the "path" parameter, where it 
resolves it as the guest account. However, the server in question has
"map to guest" set to never and both "guest ok" and "guest only" set to 
0. The odd thing is, however, that the %u substitution in the "comment" 
parameter is resolves correctly to the username, showing a comment as 
expected with the mapped username. However, the logs show that even 
though the user is mapped and then authenticated correctly, it still 
connects to the share as a guest user. The question is, how do I get 
Samba to properly connect to the share with the authenticated username 
instead of the guest account? Also, given the configuration given below, 
I should be unable to access the "nico" share, because my win2k username 
maps to jeroen. Samba connects me as the guest user again, giving me 
access to the share, even after I added "invalid users = nobody" as a 
test. Following are a few testparm dumps ( only modified parameters ) 
and the relevant log entries:

*** `testparm -L Websites` dump

[global]
         workgroup = ECHELONPROJECT
         netbios aliases = Administration, Websites
         server string = Samba %v ( %L )
         username map = /etc/samba/smbusers
         log level = 2
         log file = /var/log/samba3/samba.%m
         deadtime = 120
         socket options = IPTOS_LOWDELAY TCP_NODELAY
         comment = "Shared directory at %L"
         hosts allow = 192.168.0.0/24
         include = /etc/samba/includes/websites.shares

[jeroen]
         path = /home/jeroen/public_html
         valid users = jeroen
         read only = No
         create mask = 0755

[nico]
         path = /home/nico/public_html
         valid users = nico
         read only = No
         create mask = 0755

[website]
         comment = "%u's website"
         path = /home/%u/public_html
         read only = No
         create mask = 0755

( Default values such as security = user have been left out. )

*** Log entries

[2004/06/16 15:14:40, 2] auth/auth.c:check_ntlm_password(305)
   check_ntlm_password:  authentication for user [Jeroen Vogelpoel] -> 
[jeroen] -> [jeroen] succeeded
[2004/06/16 15:14:40, 2] lib/access.c:check_access(324)
   Allowed connection from  (192.168.0.2)
[2004/06/16 15:14:41, 2] lib/access.c:check_access(324)
   Allowed connection from  (192.168.0.2)
[2004/06/16 15:14:41, 2] lib/access.c:check_access(324)
   Allowed connection from  (192.168.0.2)
[2004/06/16 15:14:41, 1] smbd/service.c:make_connection_snum(705)
   terra (192.168.0.2) connect to service jeroen initially as user 
nobody (uid=65534, gid=65534) (pid 19841)
[2004/06/16 15:14:44, 2] lib/access.c:check_access(324)
   Allowed connection from  (192.168.0.2)
[2004/06/16 15:14:44, 0] smbd/service.c:make_connection_snum(677)
   '/home/nobody/public_html' does not exist or is not a directory, when 
connecting to [website]

More information about the samba mailing list