[Samba] Classic PDC appears to revert to guest login on Samba 4
tda at ls83.eclipse.co.uk
tda at ls83.eclipse.co.uk
Fri Sep 11 14:51:18 UTC 2015
Hi
Just upgraded a classic PDC running Samba 3.6 to 4.1 and although I can
log in from a workstation (testing with W2k and XP), no drives are
mapped. From the logs it appears that I'm being logged in as guest.
smb.conf has been stable for 10+ years under Samba 3. I have added the
first line (server role), other than that it's untouched:
[global]
server role = classic primary domain controller
workgroup = NTDOMAIN
server string = Samba %v
passdb backend = tdbsam
log file = /var/log/samba/log.%m
log level = 5
max log size = 500
time server = Yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8760 SO_RCVBUF=8760
show add printer wizard = No
logon script = logon.bat
logon path =
logon home =
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
hosts allow = 172.27.113., 192.168.2., 127.
load printers = yes
printing = cups
printcap name = cups
print command =
lpq command = %p
lprm command =
veto files = /*:/
msdfs root = no
wins support = yes
name resolve order = wins hosts lmhosts bcast
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
public = yes
guest ok = yes
read only = yes
printable = yes
[Data]
comment = Development Data
path = /mnt/sdb1/samba/share1/Data
valid users = +devel
read only = No
create mask = 0770
directory mask = 0770
force directory mode = 02770
force create mode = 0660
[homes]
comment = Home Directory
path = /mnt/sdb1/samba/share1/Users/%S
valid users = +users
read only = No
create mask = 0700
directory mask = 0700
force directory mode = 0
force create mode = 0
browseable = No
[netlogon]
path = /home/netlogon
write list = root
msdfs root = yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
guest ok = no
read only = no
write list = root
In the logs this looks suspicious:
[2015/09/11 15:22:55.478781, 4]
../source3/param/loadparm.c:4878(lp_load_ex)
pm_process() returned Yes
[2015/09/11 15:22:55.478818, 3]
../source3/param/loadparm.c:1774(lp_add_ipc)
adding IPC service
[2015/09/11 15:22:55.478860, 5]
../source3/auth/auth_util.c:115(make_user_info_map)
Mapping user []\[] from workstation [DELL]
[2015/09/11 15:22:55.478906, 5]
../source3/auth/auth_util.c:137(make_user_info_map)
Mapped domain from [] to [NTDOMAIN] for user [] from workstation [DELL]
[2015/09/11 15:22:55.478935, 5]
../source3/auth/user_info.c:61(make_user_info)
attempting to make a user_info for ()
[2015/09/11 15:22:55.478961, 5]
../source3/auth/user_info.c:72(make_user_info)
making strings for 's user_info struct
[2015/09/11 15:22:55.478989, 5]
../source3/auth/user_info.c:92(make_user_info)
making blobs for 's user_info struct
[2015/09/11 15:22:55.479017, 3]
../source3/auth/auth.c:177(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user
[]\[]@[DELL] with the new password interface
[2015/09/11 15:22:55.479045, 3]
../source3/auth/auth.c:180(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [NTDOMAIN]\[]@[DELL]
[2015/09/11 15:22:55.479078, 5] ../lib/util/util.c:556(dump_data)
[0000] 54 9F 54 CF 39 A9 CD 4B T.T.9..K
[2015/09/11 15:22:55.479130, 3]
../source3/auth/auth.c:226(auth_check_ntlm_password)
check_ntlm_password: guest authentication for user [] succeeded
[2015/09/11 15:22:55.479159, 5]
../source3/auth/auth.c:278(auth_check_ntlm_password)
check_ntlm_password: guest authentication for user [] -> [] ->
[nobody] succeeded
[2015/09/11 15:22:55.479200, 3]
../auth/ntlmssp/ntlmssp_sign.c:547(ntlmssp_sign_init)
NTLMSSP Sign/Seal - Initialising with flags:
[2015/09/11 15:22:55.479227, 3]
../auth/ntlmssp/ntlmssp_util.c:34(debug_ntlmssp_flags)
Looks like I'm ending up as a guest.
Thanks
Tim
More information about the samba
mailing list