WG: [Samba] username map before passwd?

Häfliger Peter peter.haefliger at paranet.ch
Mon Jun 27 09:34:28 GMT 2005 

Hy jerry

and some more information, the thing is why i try to map all other users to domaunuu is, because the guest account is not working anymore (since i try to update from old version 2.2.1).
there i get always 

[2005/06/27 08:32:43, 0] auth/auth_util.c:make_server_info_info3(1195)
  make_server_info_info3: pdb_init_sam failed!
[2005/06/27 08:32:43, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [gwimedical] -> [gwimedical] FAI
LED with error NT_STATUS_NO_SUCH_USER

may because i'm running tru64 unix and so on pam is not working (and winbind-daemon of course is not working)
so i try'd for days now and doens't get these guest logins working.

if i don't get it to work, i try to fix it via username map. (! peter = mars\peter) and so on.

if you have a hint thank you very much

peter

-----Ursprüngliche Nachricht-----
Von: Häfliger Peter 
Gesendet: Montag, 27. Juni 2005 08:08
An: 'Gerald (Jerry) Carter'
Cc: samba at lists.samba.org
Betreff: AW: [Samba] username map before passwd?


Hy jerry
thanks for response

lets ahve a look at the log

******************
 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/06/27 07:55:35, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [peter] -> [domainuu] -> [domainuu] succeeded [2005/06/27 07:55:35, 1] smbd/service.c:make_connection_snum(642)
  spz051 (172.18.36.17) connect to service hafliger initially as user domainuu (uid=50, gid=50) (pid 99392)
******************

and the whole username.map looks like 

domainuu= mars\*     <- the only one line.

so that means, local user peter first mappes to domainuu and connected to domainuu. if i  r e m o v e  the username.map completly i get the following log.

************************
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/06/27 08:01:26, 0] lib/username.c:map_username(128)
  can't open username map /usr/local/samba/lib/username.map. Error No such file or directory [2005/06/27 08:01:27, 0] lib/username.c:map_username(128)
  can't open username map /usr/local/samba/lib/username.map. Error No such file or directory [2005/06/27 08:01:27, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [peter] -> [peter] -> [peter] succeeded [2005/06/27 08:01:27, 1] smbd/service.c:make_connection_snum(642)
  spz051 (172.18.36.17) connect to service hafliger initially as user peter (uid=799, gid=15) (pid 99458)
***************************
--> correct, i want to be connected as user peter

so i think it takes always first the username map file und try's to map the user, even if the user exists localy on the unix machine!

if this is correct for smbd, is it possible to tell smbd, not to map user if localy user exists on unix.


thanks peter


>>-----Ursprüngliche Nachricht-----
>>Von: Gerald (Jerry) Carter [mailto:jerry at samba.org]
>>Gesendet: Freitag, 24. Juni 2005 18:24
>>An: Häfliger Peter
>>Cc: samba at lists.samba.org
>>Betreff: Re: [Samba] username map before passwd?
>>
>>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>Häfliger Peter wrote:
>>> Im using Samba 3.0.14a.
>>> 
>>> My problem is, that smb starts username mapping before
>>> it looks in passwd. last line of username map looks like follow
>>> 
>>> ###
>>> domainuu= mars\*
>>> ###
>>> 
>>> if user not exists in local passwd, so it should be mappd to 
>>> domainuu (works fine) but if i connect as user mars\peter (peter 
>>> exists as local unix account) it is also mapped to domainuu.  but 
>>> should connect as user peter.
>>> 
>>> is there any parameter which i can say, it should first check 
>>> /etc/passwd and afterwards username mapping. otherwise i need to map 
>>> every local user in username map like follow
>>> 
>>> ###
>>> !peter = mars\peter		<- ! match stopps further mapping
>>> domainuu= mars\*
>>> ***
>>> 
>>> The thing is, i need to map every domainuser (mars) to domainuu, to 
>>> use domainuu (unix user) as public share like domain guests.
>>
>>The way it should work is
>>
>>standalone server: 	apply username map, authenticate, getpwnam()
>>domain member:		authenticate, apply username 
>>map, getpwnam()
>>
>>Is this not how it is working for you?
>>
>>
>>
>>
>>
>>cheers, jerry
>>-----BEGIN PGP SIGNATURE-----
>>Version: GnuPG v1.4.0 (GNU/Linux)
>>Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>>
>>iD8DBQFCvDOMIR7qMdg1EfYRAjsJAKC3PFKbCUmFFfG28JAdQvJmP+b5DQCeLGpb
>>H0PcgQj96QE7Jipkqe2hQiA=
>>=YJA7
>>-----END PGP SIGNATURE-----
>>

More information about the samba mailing list