[Samba] User mapping/login issue
Stephen Davies
sdavies at sdc.com.au
Wed Apr 24 03:02:58 UTC 2019
On 23/04/19 18:01, Rowland Penny wrote:
> On Tue, 23 Apr 2019 15:01:24 +0930
> Stephen Davies via samba <samba at lists.samba.org> wrote:
>
>
>> There is no ntlm auth entry in smb.conf
>
> Just because you do not have an 'ntlm auth' line in your visible
> smb.conf, this does not mean you do not have one, it defaults to 'ntlm
> auth = no' which turns off NTLMv1
>
>
>> [global]
>> workgroup = BENPARTS
>> netbios name = server
>> server string = Samba Server %v
>> printcap name = cups
>> load printers = yes
>> printing = cups
>> log file = /var/log/samba/log.%m
>> max log size = 50
>> log level = 4
>> guest account = benparts
>
> Do you actually have a user called 'benparts' (which incidentally is
> the same as your workgroup) ?
>
>> # Allow users to map to guest:
>> map to guest = baduser
>
> It is 'Bad User' not 'baduser'
>
>> security = user
>> username level = 8
>> preferred master = yes
>> name resolve order = host lmhosts wins bcast
>> wins support = yes
>> preserve case = yes
>> dos charset = 850
>> unix charset = ISO8859-1
>> domain master = yes
>> domain logons = yes
>
> Ah, it is a PDC
>
> You could try adding 'server max protocol = NT1'
>
> Rowland
>
>
The baduser entry was a recent change where I got confused with my attempts to
reconfigure Sendmail to use baduser. Spotted "bad user" in smb.conf and
thought it was the same thing. Now fixed.
I have added ntlm auth and server max protocol entries as suggested but now get:
[2019/04/24 11:03:05.885593, 3] ../source3/smbd/negprot.c:419(reply_nt1)
using SPNEGO
[2019/04/24 11:03:05.885624, 3] ../source3/smbd/negprot.c:761(reply_negprot)
Selected protocol NT LM 0.12
[2019/04/24 11:03:06.087417, 1] ../source3/smbd/process.c:554(receive_smb_talloc)
receive_smb_raw_talloc failed for client ipv4:10.55.66.82:59271 read error
= NT_STATUS_CONNECTION_RESET.
where 10.55.66.82 is the VPN-assigned IP of the windows client.
The firewall accepts all protocols from the VPN.
--
More information about the samba
mailing list