[Samba] [SAMBA] understanding log.samba entries

Łukasz Sellmann bravo.galaxy at gmail.com
Wed Oct 5 07:13:37 UTC 2022


I'm trying to figure out whats exactly this entries in my log.samba on my
DC means:

Auth: [SamLogon,network] user []\[] at [Tue, 04 Oct 2022 16:29:44.309361
CEST] with [(null)] status [NT_STATUS_NO_SUCH_USER] workstation
[\\\\WORKSTATIONNAME] remote host [ipv4:] mapped to
[]\[]. local host [ipv4:]  NETLOGON computer [G] trust
account [G$]


WORKSTATIONNAME - is a workstation of remote vpn user (does not have
computer account in Active Directory computers, it's just standalone
workstation) - is a samba linux client joined to AD and working as file
G - G$  - is a DNS name and computer account of above linux server with ip - is a linux samba Domain Controller server

Does it means that computer WORKSTATIONNAME tries  to authenticate against
DC to access some shares on G  than G asks for auth my DC which says that
there is no such computer account ?
Or it is something different ?
I wonder what that means user []\[] and mapped to []\[]. ?

There are a lot of this entries in my log last days.



Łukasz Sellmann

More information about the samba mailing list