[Samba] could not parse domain user errors

Jason Gerfen jason.gerfen at scl.utah.edu
Thu May 22 12:33:17 GMT 2008 

Volker Lendecke wrote:
> On Wed, May 21, 2008 at 11:23:36AM -0600, Jason Gerfen wrote:
>> Hello again. Well I am stuck again. I cannot for the life of me get the 
>> wbinfo -i username to work properly
>>
>> Here is some more information pulled from the log.winbind file:
>> [2008/05/21 11:15:15, 10] nsswitch/winbindd.c:process_request(314)
>>   process_request: request fn GETPWNAM
>> [2008/05/21 11:15:15, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(346)
>>   [14936]: getpwnam smb
>> [2008/05/21 11:15:15, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(353)
>>   Could not parse domain user: smb
> 
> Try wbinfo -i domain\\username.

Tried that. I think it has something to do with our Active Directory 
configuration.

I can query and see the user is present
%> wbinfo -u | grep SCL+smb

Obtaining information about the user fails
%> wbinfo -i SCL+smb
%> wbinfo -i SCL\\smb
%> wbinfo -i SCL\smb
%> wbinfo -i smb
Could not get info for user smb

wbinfo -u & wbinfo -g shows all of the domain users and groups. I can 
authenticate a user as long as they are in the local passwd database but 
when trying to authenticate a domain user I am seeing the following in 
the logs:

[2008/05/22 06:03:59, 3] auth/auth.c:check_ntlm_password(221)
   check_ntlm_password:  Checking password for unmapped user 
[valhalla.scl.utah.edu]\[smb]@[DC1-MMC] with the new password interface
[2008/05/22 06:03:59, 3] auth/auth.c:check_ntlm_password(224)
   check_ntlm_password:  mapped user is: [SCL]\[smb]@[DC1-MMC]
....
[2008/05/22 06:03:59, 5] lib/username.c:Get_Pwnam_internals(102)
   Checking combinations of 0 uppercase letters in smb
[2008/05/22 06:03:59, 5] lib/username.c:Get_Pwnam_internals(108)
   Get_Pwnam_internals didn't find user [smb]!
....
[2008/05/22 06:03:59, 5] auth/auth.c:check_ntlm_password(273)
   check_ntlm_password: winbind authentication for user [smb] FAILED 
with error NT_STATUS_NO_SUCH_USER
[2008/05/22 06:03:59, 2] auth/auth.c:check_ntlm_password(319)
   check_ntlm_password:  Authentication for user [smb] -> [smb] FAILED 
with error NT_STATUS_NO_SUCH_USER

Can anyone point out to me the mapping aspect because in the logs it shows
check_ntlm_password:  mapped user is: [SCL]\[smb]@[DOMAIN-CONTROLLER]
Which I think should be
check_ntlm_password:  mapped user is: [SCL]\[smb]@[DOMAIN.COM] (our 
Kerberos realm)

Any help is appreciated.
> 
> Volker


-- 
Jas

More information about the samba mailing list