[Samba] samba 3.0.11, security=server and smbpasswd as fallback not working

Gerald (Jerry) Carter jerry at samba.org
Tue Feb 8 21:44:17 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ralf Gross wrote:
| Hi,
|
| with samba 2.2.12 a user was able to connect to a share with his local
| smbpasswd if he had no user on the password server. I updated the samba
| server
| to 3.0.11 and this is not working anymore. I kept the config files and the
| smbpasswd file. The smb.conf man page describes old behavior, but if the
| password server rejects the password the connection gets terminated
| with  NT_STATUS_LOGON_FAILURE.

Fallover to the next auth method only occurs when the current
auth method (e.g. the remote server) returns
NT_STATUS_NOT_IMPLEMENTED I think.  This is by design.

You'll have better luck setting

	'auth methods = guest sam_ignoredomain smbserver'

But I rarely ever recommend setting the 'auth methods' parameter.
So keep that in mind.

This will authenticate first against the smbpasswd and
the fall over to server authentication if the user is
not listed in the smbpasswd file.

Last recommendation, you should really explore security = domain.
security = server has been deprecated.




cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCCTKxIR7qMdg1EfYRArwHAKCc1pRxuELCCkTbyJHhiAPRnB5aBACdEUYH
DodgGGckT0AirH0CQeclZB8=
=EuEP
-----END PGP SIGNATURE-----


More information about the samba mailing list