[Samba] Help: TS login authenticating using Machine name of TS instead of user.

Thomas Spaziani toms at norchemlab.com
Fri Apr 15 21:54:24 MDT 2011

Hi All,

  I've had Samba 3.4.7 setup as a fileserver connected to a Win2K3 
domain controller working great for a while now.  Roaming profiles work 
perfectly when logging in from the machines locally.  However when I try 
and login to a WinXP or 2K3 machine via an RDP session (Terminal 
Services) it is unable to locate the profile.  I bumped the logging up 
and still saw no reason why.  When I allowed guests to the shares, I 
finally saw why it failed.  Win2K3 when logging in via TS/RDP is using 
the Machine Name of the TS to authenticate to Samba.  Thus samba is 
looking for \\samba\profiles\%U  incorrectly since %U is the machine 
name and not the user attempting to login.

A bit more background.  I have a pre-exec script that is run each time 
access to a share is requested.  Its sole purpose is to create the home 
and profile folders for people when logging in the first time from 

For instance if user toms logs in locally to a Win2K3 machine (name 
termsrv).  \\samba\profiles points to /mnt/filesrv/homes/%U/profile/%a
This works great.  I also setup a profiles.V2 which points to the same 
place and the %a takes care of the architecture difference if logging in 
to a Vista/Win2008/7 machine.

The script create the /mnt/file/homes/toms just fine on first logon.

Here is where it gets weird, when I login via RDP to the same machine. I 
see  /mnt/file/homes/termsrv_   show up.  termsrv_ is certainly not 
found via the ldap lookup so permissions aren't set and the Win2K3 
machine complains it doesn't have access to my roaming profile.

So why is the machine name being sent in place of %U only via RDP 
logins.  Is that intended Win2K3 TS behaviour?  How can Samba handle this?

- Tom

More information about the samba mailing list