[Samba] Valid users not working

"Д. Амиров" amirov at infinet.ru
Thu Oct 12 08:12:05 GMT 2006

Hi all.
Sorry for my bad english, i am from russia.
I have some servers with samba.
One PDC+ldap
One BDC+ldap
And some count of members.

It's working fine, but some days ago i try to use "valid users" 
directive, wich i already successfully used on PDC BDC.
But on domain members this directive fails.
I have checked log and see this error.

Sid @INFINET\rnd does not start with 'S-'.

But it's working with direct ldap connection.

What's wrong?

Thank you.

My configuration is:
#Domain section
    interfaces                  = eth0
    workgroup                   = IUYT
    netbios name                = TEST

    os level                    = 1

    domain logons               = No

    domain master               = No
    local master                = No
    preferred master            = No

    wins server                 =
    name resolve order          = wins bcast hosts

#Security section
    security                    = domain
    encrypt passwords           = Yes

    auth methods               = ntdomain
    password server            = NS1,NS2

    directory mode              = 0775
    create mask                 = 0664

    guest account               = nobody

    enable privileges           = Yes

    deadtime                    = 30

    valid users                 = @"IUYT\rnd"

#Debug section
    dos charset = cp866
    log file = /var/log/samba/samba.log
    log level = 5
    syslog = 0
    max log size = 1000

    hide dot files = Yes
    veto oplock files = /*.doc/*.xls

    browseable = Yes
    writable = Yes
    path = /tmp
    guest ok = Yes


It's working only with these options

    security = user

    passdb backend              = ldapsam:ldap://
    ldap admin dn               = cn=admin,dc=ldap,dc=qwe,dc=ru
    ldap suffix                 = dc=ldap,dc=qwe,dc=ru
    ldap group suffix           = ou=Group
    ldap machine suffix         = ou=Computers
    ldap user suffix            = ou=People

More information about the samba mailing list