[Samba] [SAMBA] understanding log.samba entries
Łukasz Sellmann
bravo.galaxy at gmail.com
Wed Oct 5 07:13:37 UTC 2022
Hi
I'm trying to figure out whats exactly this entries in my log.samba on my
DC means:
Auth: [SamLogon,network] user []\[] at [Tue, 04 Oct 2022 16:29:44.309361
CEST] with [(null)] status [NT_STATUS_NO_SUCH_USER] workstation
[\\\\WORKSTATIONNAME] remote host [ipv4:192.168.10.248:43342] mapped to
[]\[]. local host [ipv4:192.168.10.3:49152] NETLOGON computer [G] trust
account [G$]
where:
WORKSTATIONNAME - is a workstation of remote vpn user (does not have
computer account in Active Directory computers, it's just standalone
workstation)
192.168.10.248 - is a samba linux client joined to AD and working as file
server
G - G$ - is a DNS name and computer account of above linux server with ip
192.168.10.248
192.168.10.3 - is a linux samba Domain Controller server
Does it means that computer WORKSTATIONNAME tries to authenticate against
DC to access some shares on G than G asks for auth my DC which says that
there is no such computer account ?
Or it is something different ?
I wonder what that means user []\[] and mapped to []\[]. ?
There are a lot of this entries in my log last days.
--
Regards
Łukasz Sellmann
More information about the samba
mailing list