[Samba] [SAMBA] understanding log.samba entries
bravo.galaxy at gmail.com
Wed Oct 5 07:13:37 UTC 2022
I'm trying to figure out whats exactly this entries in my log.samba on my
Auth: [SamLogon,network] user \ at [Tue, 04 Oct 2022 16:29:44.309361
CEST] with [(null)] status [NT_STATUS_NO_SUCH_USER] workstation
[\\\\WORKSTATIONNAME] remote host [ipv4:192.168.10.248:43342] mapped to
\. local host [ipv4:192.168.10.3:49152] NETLOGON computer [G] trust
WORKSTATIONNAME - is a workstation of remote vpn user (does not have
computer account in Active Directory computers, it's just standalone
192.168.10.248 - is a samba linux client joined to AD and working as file
G - G$ - is a DNS name and computer account of above linux server with ip
192.168.10.3 - is a linux samba Domain Controller server
Does it means that computer WORKSTATIONNAME tries to authenticate against
DC to access some shares on G than G asks for auth my DC which says that
there is no such computer account ?
Or it is something different ?
I wonder what that means user \ and mapped to \. ?
There are a lot of this entries in my log last days.
More information about the samba