[Samba] Question(s) about user mapping

Jon Yeargers yeargers at ohsu.edu
Fri Jul 18 12:47:34 MDT 2014

# Global parameters
        workgroup = BME
        realm = DOMAIN.EDU
        netbios name = BEANBAG

        encrypt passwords = yes
        log level = 5

        server role = active directory domain controller
        dns forwarder =
        idmap_ldb:use rfc2307 = yes

        map untrusted to domain = Yes

        path = /usr/local/samba/var/locks/sysvol/domain.edu/scripts
        read only = No

        path = /usr/local/samba/var/locks/sysvol
        read only = No

What other configs are relevant here?

-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny
Sent: Friday, July 18, 2014 9:49 AM
To: samba at lists.samba.org
Subject: Re: [Samba] Question(s) about user mapping

On 18/07/14 17:14, Jon Yeargers wrote:
> I've setup samba4 to authenticate against a separate LDAP server. I can ssh to my server but attempts to login to a windows7 member server using the ldap domain are not working.
> Relevant errors:
> [2014/07/18 06:46:28.177400,  3] ../source4/auth/ntlm/auth.c:270(auth_check_password_send)     auth_check_password_send: Checking password for unmapped user [ldapdom]\[user]@[win7host]    auth_check_password_send: mapped user is: [sambadom]\[user]@[win7host]
> [2014/07/18 06:46:28.178098,  3] ../source4/auth/ntlm/auth_sam.c:61(authsam_search_account)      sam_search_user: Couldn't find user [user] in samdb, under C=dom,DC=server,DC=edu
> [2014/07/18 06:46:28.178184,  2] ../source4/auth/ntlm/auth.c:420(auth_check_password_recv)      auth_check_password_recv: sam_ignoredomain authentication for user [sambadom\user]    FAILED with error NT_STATUS_NO_SUCH_USER
> It appears that some manner of user id mapping is being searched for. What I really want is for it to preserve and use the domain that was passed in rather than substituting it.
> CentOS 6.4 x64
> Samba 4.1.0
> Sssd 1.9.2
Hi, I think that you are going to have to give us some more info here, smb.conf etc


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list