[Samba] Differences with net join

Jeremy Allison jra at samba.org
Fri Sep 30 20:36:53 GMT 2005

On Fri, Sep 30, 2005 at 01:24:30PM -0600, Ric Tibbetts wrote:
> At 01:13 PM 9/30/2005, you wrote:
> >On Fri, Sep 30, 2005 at 12:38:28PM -0600, Ric Tibbetts wrote:
> >>
> >> So the user does exist. But for some strange reason (which I still
> >> don't understand), it doesn't report that to Samba at login time.
> >>
> >> >I'm CC:ing to the list so people can see the resolution of this issue.
> >>
> >> Sorry to say, that it's not resolved yet. I think we've found the
> >> symptom, but not the cause.
> >> If the user exists, why doesn't samba see it?
> >>
> >> All of the assistance on this is greatly appreciated!
> >
> >Oops, sorry - I deleted the email with the logs. You'll have to
> >send me another copy and I'll look further...
> >
> >Jeremy.
> No problem. Fresh logs attached.
> Again, the assist is greatly appreciated!

Ok - it looks like you're trying to use winbindd on this box. If you
already have a unix uid that you've mapped the numeric windows user
to you don't need to use winbindd. Can you confirm if you are running
winbindd or now ? If you are, kill it and retry.

This is related to Jerry's code here in auth/auth_util.c so I might ask
him to look at the log:

        /* try to fill the SAM account..  If getpwnam() fails, then try the
           add user script (2.2.x behavior).

           We use the _unmapped_ username here in an attempt to provide
           consistent username mapping behavior between kerberos and NTLM[SSP]
           authentication in domain mode security.  I.E. Username mapping should
           be applied to the fully qualified username (e.g. DOMAIN\user) and
           no just the login name.  Yes this mean swe called map_username()
           unnecessarily in make_user_info_map() but that is how the current
           code is designed.  Making the change here is the least disruptive
           place.    -- jerry */

        nt_status = fill_sam_account(mem_ctx, nt_domain, sent_nt_username,
                &found_username, &uid, &gid, &sam_account);

        if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER)) {
                DEBUG(3,("User %s does not exist, trying to add it\n", internal_username));
                smb_create_user( nt_domain, sent_nt_username, NULL);
                nt_status = fill_sam_account( mem_ctx, nt_domain, sent_nt_username,
                        &found_username, &uid, &gid, &sam_account );


More information about the samba mailing list