[Samba] DFS access

F. David del Campo Hill delcampo at stats.ox.ac.uk
Fri Oct 12 12:33:46 GMT 2007

Hi all,

	This is my first message here, so pardon me if I break some

	I have a Linux (Debian 4, kernel 2.6.18-4-686) SaMBa (3.0.24)
server whose shares I want to mount on a Distributed File System running
from a Windows Server 2003 R2. The share itself is accessible without
problems as long as I try to get to it directly (\\smb\share), but if I
try to browse through the DFS I get the "\\DFS\share is not accessible.
You might not have permission to use this network resource...
Configuration information could not be read from the domain controller,
either because the machine is unavailable, or access has been denied"
error message. The SaMBa server is part of the Active Directory domain.
Also, a similar server with the same software and smb.conf file
(different host and share names, of course) works with that same DFS
without any problems whatsoever. Both servers are on the same side of
the firewall and reside in the same Organizational Unit of Active

	The (sanitized) smb.conf file I use is:

   workgroup            = DOMAIN
   security             = ADS
   netbios name         = smb
   netbios aliases      = smb
   realm                = DOMAIN.UK
   encrypt passwords    = yes
   password server      = *
   server string        = Samba shares for smb on %h
   bind interfaces only = yes
   hosts allow          = *our IP range*
   interfaces           = *smb IP*
   log file             = /var/log/samba/log.%m
   log level            = 1 passdb:2 auth:2
   locking              = yes
   lock directory       = /var/log/samba/locks
   pid directory        = /var/run
   private dir          = /etc/samba/private
   username map         = /etc/samba/username.map
   smb passwd file      = /etc/samba/private/smbpasswd
   show add printer wizard = no
   utmp directory       = /var/log
   encrypt passwords    = yes
   domain master        = no
   preferred master     = no
   guest account        = nobody
   max log size         = 1000
   syslog               = 0
   socket options       = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   invalid users        = root admin
   local master         = no
   dns proxy            = no
   panic action         = /usr/share/samba/panic-action %d

   comment              = Webservice Documents
   path                 = /data/sites/share
   printable            = no
   browseable           = no
   write list           = @sysman
   valid users          = @sysman
   force user           = sysman
   force group          = sysman

	The log file (sanitized) only reports:

[2007/10/12 13:17:45, 0] smbd/map_username.c:map_username(107)
  can't open username map /etc/samba/username.map. Error No such file or
[2007/10/12 13:17:45, 1] smbd/sesssetup.c:reply_spnego_kerberos(310)
  Username STATS\CLIENT$ is invalid on this system

Both SaMBa servers have no username.map, and the CLIENT machine works
with the other server.

	Where else should I look for differences between the two SaMBa
servers? What is going on?

	Thank you for your help.


More information about the samba mailing list