[Samba] Erronous username character substitution ( %u )

Wed Jun 16 14:10:29 GMT 2004

Have you tried with %U (not %u)? I have not tried this, but apparently 
it is the session username (ie requested username, not necessarily the 
given username).

Jeroen Vogelpoel wrote:

> Good day,
>
> I'm having a few problems with Samba 3.0.2a, specifically involving 
> the username character substitute, %u. For some reason, Samba resolves 
> the %u character wrongly when used in the "path" parameter, where it 
> resolves it as the guest account. However, the server in question has
> "map to guest" set to never and both "guest ok" and "guest only" set 
> to 0. The odd thing is, however, that the %u substitution in the 
> "comment" parameter is resolves correctly to the username, showing a 
> comment as expected with the mapped username. However, the logs show 
> that even though the user is mapped and then authenticated correctly, 
> it still connects to the share as a guest user. The question is, how 
> do I get Samba to properly connect to the share with the authenticated 
> username instead of the guest account? Also, given the configuration 
> given below, I should be unable to access the "nico" share, because my 
> win2k username maps to jeroen. Samba connects me as the guest user 
> again, giving me access to the share, even after I added "invalid 
> users = nobody" as a test. Following are a few testparm dumps ( only 
> modified parameters ) and the relevant log entries:
>
> *** `testparm -L Websites` dump
>
> [global]
>         workgroup = ECHELONPROJECT
>         netbios aliases = Administration, Websites
>         server string = Samba %v ( %L )
>         username map = /etc/samba/smbusers
>         log level = 2
>         log file = /var/log/samba3/samba.%m
>         deadtime = 120
>         socket options = IPTOS_LOWDELAY TCP_NODELAY
>         comment = "Shared directory at %L"
>         hosts allow = 192.168.0.0/24
>         include = /etc/samba/includes/websites.shares
>
> [jeroen]
>         path = /home/jeroen/public_html
>         valid users = jeroen
>         read only = No
>         create mask = 0755
>
> [nico]
>         path = /home/nico/public_html
>         valid users = nico
>         read only = No
>         create mask = 0755
>
> [website]
>         comment = "%u's website"
>         path = /home/%u/public_html
>         read only = No
>         create mask = 0755
>
> ( Default values such as security = user have been left out. )
>
> *** Log entries
>
> [2004/06/16 15:14:40, 2] auth/auth.c:check_ntlm_password(305)
>   check_ntlm_password:  authentication for user [Jeroen Vogelpoel] -> 
> [jeroen] -> [jeroen] succeeded
> [2004/06/16 15:14:40, 2] lib/access.c:check_access(324)
>   Allowed connection from  (192.168.0.2)
> [2004/06/16 15:14:41, 2] lib/access.c:check_access(324)
>   Allowed connection from  (192.168.0.2)
> [2004/06/16 15:14:41, 2] lib/access.c:check_access(324)
>   Allowed connection from  (192.168.0.2)
> [2004/06/16 15:14:41, 1] smbd/service.c:make_connection_snum(705)
>   terra (192.168.0.2) connect to service jeroen initially as user 
> nobody (uid=65534, gid=65534) (pid 19841)
> [2004/06/16 15:14:44, 2] lib/access.c:check_access(324)
>   Allowed connection from  (192.168.0.2)
> [2004/06/16 15:14:44, 0] smbd/service.c:make_connection_snum(677)
>   '/home/nobody/public_html' does not exist or is not a directory, 
> when connecting to [website]