[Samba] AIX 52 and long (>8) character Windows usernames

Kent Wick Kent.Wick at ers.state.tx.us
Tue Feb 14 16:41:09 GMT 2006


Env: AIX 5.2 ML07 with Samba 3.0.21b (compiled in-house) with config options of:
  --with-pam --with-winbind --with-acl-support --with-aio-support

Can anybody shed any light on why users that have 8 characters or less
(Windows and AIX) and are defined in /etc/passwd can access the defined
Samba share while those users with a Windows username of 9 characters
or more (who have been defined in the "username map" file are always 
presented with an authentication window?

Is there something that I have wrong that I am just not seeing?

This Samba server is functioning as a member server in an existing Windows NT domain.

smb.conf reads:
[global]
        workgroup = ERSSECURITY
        netbios name = SAMBASRVR
        server string = Samba
        security = DOMAIN
        algorithmic rid base = 500000
        username map = /usr/local/samba/lib/nt_dom_2_unix_user_map
        ldap ssl = no
        idmap uid = 10001-30000
        idmap gid = 10001-30000
        winbind separator = +

[denali_d]
        path = /samba/denali_d
        read only = No
#       guest ok = Yes

The file noted in "username map" reads:
brad=ERSSECURITY/bstafford
mrutherf=ERSSECURITY/mrutherford
sambat2=ERSSECURITY/sambatest
sambat2=sambatest

/etc/pam.conf reads:
#       Authentication
#
login   auth    required        /usr/lib/security/pam_winbind.so
login   auth    required        /usr/lib/security/pam_aix try_first_pass
#  login        auth    required        /usr/lib/security/pam_aix
#  login        auth    required        /usr/lib/security/pam_winbind.so try_first_pass
su      auth    sufficient      /usr/lib/security/pam_aix
OTHER   auth    required        /usr/lib/security/pam_aix
#
#       Account Mgmt
#
#  login        account required        /usr/lib/security/pam_aix
login   account sufficient      /usr/lib/security/pam_winbind.so try_first_pass
OTHER   account required        /usr/lib/security/pam_aix
#
#       Session Mgmt
#
OTHER   session required        /usr/lib/security/pam_aix
#
#       Password Mgmt
#
OTHER   password        required        /usr/lib/security/pam_aix






More information about the samba mailing list