samba - Mar 2010 - A strange file-ownership problem

The scenario:

I have two Samba servers on my network.  One, running v3.0.37, is on my 
main server, a Solaris 10 x86 box.  The other, just updated from 3.0.37 
to 3.4.5 in the hope of solving this problem, is on my workstation, a 
Gentoo Linux box.  The Linux Samba server shares only [homes].  The 
Solaris Samba server shares [homes] and four other shares.  Unix UIDs 
are synchromized betwene the two machines - i.e, my user account is UID 
1000 on both.

The problem:

I have a user account (which does have administrator rights) on the XP 
box.  That account has the same username and password as my Unix user 
accounts.  If I copy a file from my XP desktop to the [export] share on 
the Solaris box, it shows up from the Unix side correctly owned by my 
user account.  However, if I copy the exact same file to the [homes] 
share on the Gentoo box or the [shares] share on the Solaris box, it 
shows up owned by root.  Out of constructive paranoia, I even went so 
far as to explicitly map my user account name, Windows side, to the 
identical user account name, Unix side, in /etc/samba/smbusers.map.  It 
didn't help.  Looking at the log file on the Gentoo smbd, I see entries 
like this:

[2010/02/04 13:56:53, 1] smbd/service.c:make_connection_snum(1042)
  vorlon (10.24.32.20) connect to service alaric initially as user 
  alaric (uid=0, gid=100) (pid 13422)

which seems to be a major part of the issue:  for some reason, it's
matching user alaric to uid 0 instead of uid 1000.  What I can't figure 
out is why.  More oddly, the Solaris smbd seems to be getting different 
uids at different times depending which share I connect to:

[2010/02/28 17:56:02, 1] smbd/service.c:(1042)
  vorlon (10.24.32.20) connect to service export initially as user 
  alaric (uid=1000, gid=100) (pid 29828)
[2010/02/28 17:56:02, 1] smbd/service.c:(1042)
  vorlon (10.24.32.20) connect to service shares initially as user 
  alaric (uid=0, gid=100) (pid 29828)
    

Does anyone have any pointers for solving this problem?  I'm utterly 
baffled at this point.




smb.conf on the Gentoo box:

# Samba config file created using SWAT
# from 10.24.32.10 (10.24.32.10)
# Date: 2010/02/10 14:00:24

[global]
	workgroup = RUTHVEN
	server string = Babylon5
	security = user
	local master = no
	map to guest = Bad User
	username map = /etc/samba/smbusers
	lanman auth = No
	client NTLMv2 auth = Yes
	client lanman auth = No
	client plaintext auth = No
	log file = /var/log/samba/log.%m
	max log size = 50
	disable netbios = Yes
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	printcap name = cups
	dns proxy = No
	idmap uid = 1000-20000
	idmap gid = 1000-20000
	hosts allow = 10.24.32., #, 192.168.1., 192.168.2., 127.

[homes]
	comment = Home Directories
	read only = No
	create mask = 0644
	browseable = No

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	printing = cups
	print command = lpr -P'%p' %s; rm %s
	lpq command = lpq -P'%p'
	lprm command = lprm -P'%p' %j
	lppause command = lp -i '%p-%j' -H hold
	lpresume command = lp -i '%p-%j' -H resume
	queuepause command = disable '%p'
	queueresume command = enable '%p'
	browseable = No

[print$]
	path = /var/lib/samba/printers
	write list = @adm, root
	guest ok = Yes



And on the Solaris box:

# Samba config file created using SWAT
# from 10.24.32.10 (10.24.32.10)
# Date: 2010/02/10 13:57:06

[global]
	workgroup = RUTHVEN
	server string = Babylon4
	interfaces = bge0, 10.24.32.14/255.255.255.0
	username map = /etc/sfw/smbusers.map
	lanman auth = No
	client NTLMv2 auth = Yes
	client lanman auth = No
	client plaintext auth = No
	log file = /var/samba/log/log.%m
	max log size = 50
	disable netbios = Yes
	load printers = No
	preferred master = Yes
	domain master = Yes
	dns proxy = No
	idmap uid = 1000-20000
	idmap gid = 1000-20000
	template homedir = /home/%U
	template shell = /usr/bin/bash
	hosts allow = 10.24.32., 10.24.33., 127.
	hide files = /.AppleDB/.AppleDesktop/.AppleDouble/.DS_Store

[homes]
	comment = Home Directories
	read only = No
	create mask = 0644
	browseable = No

[export]
	comment = Network Storage
	path = /netstore
	valid users = alaric, cymru, administrator, goose, pirate, wen
	read list = goose, pirate, wen
	write list = alaric, cymru, administrator
	read only = No
	create mask = 0644
	guest ok = Yes

[shares]
	comment = Shared Folders
	path = /shares
	valid users = alaric, cymru, administrator, goose, pirate, wen
	admin users = alaric, cymru, administrator
	read list = alaric, cymru, administrator, goose, pirate, wen
	write list = alaric, cymru, administrator, goose, pirate, wen
	read only = No
	create mask = 0644
	guest ok = Yes

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	printing = cups
	print command = lpr -P'%p' %s; rm %s
	lpq command = lpq -P'%p'
	lprm command = lprm -P'%p' %j
	lppause command = lp -i '%p-%j' -H hold
	lpresume command = lp -i '%p-%j' -H resume
	queuepause command = disable '%p'
	queueresume command = enable '%p'
	browseable = No




--
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.