We've been running Samba2.2.x and relying on the underlying Solaris user
authentication (/etc/passwd /etc/shadow). For historical reasons, we've
allowed plaintext passwords.
Now as we've upgraded to Samba 3.0.3. we would like to continue this method
of authentication (at least until we can implement ldap). The docs are
sketchy at best (you can use plaintext authentication, etc.), but no
smb.conf information on how to continue doing so in 3.0.3. We're attempting
to run with our 2.2.8a smb.conf (see below) and the following log info is
produced.
Any guidance you can provide would be appreciated.
Mark
[2004/05/05 09:25:38, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user
[MARKSNOTEBOOK]\[t0rmsmsd]@[MARKSNOTEBOOK] with the new password interface
[2004/05/05 09:25:38, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is: [RMF22]\[t0rmsmsd]@[MARKSNOTEBOOK]
[2004/05/05 09:25:38, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2004/05/05 09:25:38, 3] smbd/uid.c:push_conn_ctx(351)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2004/05/05 09:25:38, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2004/05/05 09:25:38, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/05/05 09:25:38, 3] auth/auth_sam.c:check_sam_security(202)
check_sam_security: Couldn't find user 't0rmsmsd' in passdb file.
[2004/05/05 09:25:38, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [t0rmsmsd] -> [t0rmsmsd] FAILED
with error NT_STATUS_NO_SUCH_USER
---------------
smb.conf
---------------
[global]
; necessary to duplicate share methods in pre 2.0 samba
; this is vs. user level security
security = user
workgroup = lab
server string = V480 Solaris running Samba
log file = /usr/local/samba/var/log.%m
log level = 3
max log size = 50
; To support WINS / browsing across network
; Make this a WINS server
wins support = yes
; Make this a domain master browser
domain master = yes
; Make this a local master browser
local master = yes
; Make this a preferred master browser
preferred master = yes
; a bit of harmless voter fraud
os level = 65
; allow usernames to be mapped (ex. t0rmsmbhf -> brendaf)
username map = /usr/local/samba/lib/users.map
; suggested fix to allow win 2000 to participate
;nt smb support = no
;nt pipe support = no
[pcserve]
path = /home/pcserve
read only = no
[homes]
writable = true
browseable = no
[ljp]
printing = bsd
path = /var/spool/samba/ljp
writable = no
printable = yes
print command = /usr/ucb/lpr -P %p %s
lprm command = /usr/ucb/lprm -P %p %j
lpq command = /usr/ucb/lpq -P %p
[rmf587]
printing = bsd
path = /var/spool/samba/rmf587
writable = no
printable = yes
print command = /usr/ucb/lpr -P %p %s
lprm command = /usr/ucb/lprm -P %p %j
lpq command = /usr/ucb/lpq -P %p
