[Samba] Sporadic Homedirs lost

kissg mail.gery at gmail.com
Wed Jul 16 20:27:13 GMT 2008


Try to set "obey pam restrictions = No" and see if it solves your problem.
In most cases, it's not required to use PAM for authenticating domain
clients.

2008/7/16 Achim Frank <achim.frank at erfrakon.de>:

> Hi List,
>
> since the upgrade of a LDAP based PDC/BDC system to PDC/BDC and fileserver
> we
> have problems with users sporadic loolsing their homedirs.
> These events are unreproducible and only sporadic. Only the homedir not any
> of
> the other shares mounted from the fileserver are subject to this connection
> breakoff. The logs seem to suggest the username has been "forgotten" by the
> fileserver as the user wants to access this private share.
>
> Attached find a portion of the logs from fileserver at the event of loosing
> a
> homedir (loglevel 3):
>
> [2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(221)
>  check_ntlm_password:  Checking password for unmapped user []\[]@[MACHINE]
> with the new password interface
> [2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(224)
>  check_ntlm_password:  mapped user is: [DOMAIN]\[]@[MACHINE]
> [2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(270)
>  check_ntlm_password: guest authentication for user [] succeeded
>
> In the morning everything works ok like this:
>
> [2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(221)
>  check_ntlm_password:  Checking password for unmapped user
> [DOMAIN]\[myself]@[MACHINE] with the new password interface
> [2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(224)
>  check_ntlm_password:  mapped user is: [DOMAIN]\[myself]@[MACHINE]
> [2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(270)
>  check_ntlm_password: winbind authentication for user [myself] succeeded
> [2008/07/15 08:09:44, 2] auth/auth.c:check_ntlm_password(309)
>  check_ntlm_password:  authentication for user [myself] -> [myself] ->
> [myself] succeeded
>
>
> Versions of Samba:
> The systems are running Debian Etch. PDC/BDC on Backports kernel
> 2.6.24-1-686,
> fileserver on stock Etch Kernel. Samba is installed as Sernet Etch Packages
> (http://ftp.sernet.de/pub/samba/debian/ sernet-samba_3.0.28-21_i386.deb
> sernet-samba-common_3.0.28-21_i386.deb sernet-samba-doc_3.0.28-21_all.deb
> sernet-smbclient_3.0.28-21_i386.deb). We also tried sernet-samba versions
> 3.0.30-22 and 3.2.0-22 but to no avail.
>
> Samba configuration:
>
> PDC/BDC:
> [global]
> ...
>        map to guest = Bad User
>        obey pam restrictions = Yes
>        template homedir = /home/%U
>        veto files = /lost+found/users/
> ...
> only shares [profiles] and [netlogon]
>
> fileserver:
> [global]
> ...
>        security = domain
>        map to guest = Bad User
>        obey pam restrictions = Yes
>        template homedir = /home/%U
>       veto files = /lost+found/users/
>
> [homes]
>        comment = Heimatverzeichnis
>        read only = No
>        create mask = 0700
>        browseable = No
>
>
> Has anybody a clue why this could happen? Are there "magic" switches to be
> set
> with smb.conf on PDC/BDC if homedirs are not present on the authenticating
> servers or anything else we migght have overlooked?
>
> Any recommendation on how to track down this misbehaving?
>
> Thanks for your answers,
> --achim
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>


More information about the samba mailing list