Dirk Brenckmann
2004-Mar-12 08:30 UTC
[Samba] Need urgent help with "user_info->client_domain.str" and "user_info->domain.str"
Hi there, anybody here to help me with: "user_info->client_domain.str" and "user_info->domain.str" Problem: check_ntlm_password: Checking password for unmapped user [FRSTPRV.DE]\[SambaAdmin302]@[HEARTOFGOLD] with the new password interface check_ntlm_password: mapped user is: [FRSTPRV]\[SambaAdmin302]@[HEARTOFGOLD] Where from does samba receive the "user_info->domain.str" ??? It ([FRSTPRV]) is definitly wrong, and I'd like to know where (in the code) and how "user_info->domain.str" is resolved/set. I'm running Samba 3.0.2a and can't join Win2K/XP/whatever to the samba PDC of [FRSTPRV.DE] because of this... ...switching [FRSTPRV.DE] to [FOO] does not change a thing ;-) ...and yes - there is a Samba 2.2.8 Domain in the net, using the name "FRSTPRV". Any idea what's going on here? Thanx 4 any help Dirk Brenckmann P.S: Already found: http://samba.org/doxygen/samba/auth_8c-source.html#l00205 (But does not "really" help without more context...)
Andrew Bartlett
2004-Mar-12 11:41 UTC
[Samba] Need urgent help with "user_info->client_domain.str" and "user_info->domain.str"
On Fri, 2004-03-12 at 19:30, Dirk Brenckmann wrote:> Hi there, > > anybody here to help me with: > "user_info->client_domain.str" and "user_info->domain.str" > > Problem: > check_ntlm_password: Checking password for unmapped user > [FRSTPRV.DE]\[SambaAdmin302]@[HEARTOFGOLD] > with the new password interface > check_ntlm_password: mapped user is: > [FRSTPRV]\[SambaAdmin302]@[HEARTOFGOLD] > > Where from does samba receive the "user_info->domain.str" ???If the domain that the request comes in as is not one of our trusted domains, then we map it to our local domain.> It ([FRSTPRV]) is definitly wrong, and I'd like to know where (in > the code) and how "user_info->domain.str" is resolved/set.From 'workgroup ='...> I'm running Samba 3.0.2a and can't join Win2K/XP/whatever to > the samba PDC of [FRSTPRV.DE] because of this...Is this a realm name, or a netbios domain name?> ...switching [FRSTPRV.DE] to [FOO] does not change > a thing ;-) > > ...and yes - there is a Samba 2.2.8 Domain in the net, using the > name "FRSTPRV". > > Any idea what's going on here? > Thanx 4 any help > Dirk BrenckmannCan you post your smb.conf? Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040312/3d2b17cf/attachment.bin
Dirk Brenckmann
2004-Mar-12 12:28 UTC
[Samba] RE: Need urgent help with "user_info->client_domain.str" and "user_info->domain.str"
... of course ... sorry - replied to your account directly... # Global parameters [global] # Some basic server settings netbios name = XDC workgroup = FRSTPRV.DE # Act as Domain and local master browser os level = 128 preferred master = yes domain master = yes local master = yes # Security settings of a PDC must be of user security type security = user # NT and 2000 do not accept unencrypted passwords encrypt passwords = yes min password length = 8 # ############################################################# ############# # # LDAP related parameters # # Samba V 2.2.8 and higher - LDAP parameters # # DN used for retreiving user account information (see man smb.conf) ldap admin dn = "uid=SambaAdmin302,ou=Technische Nutzer,ou=people,dc=first-private,dc=de" # Define the SSL option, when connecting to the directory # ['off'|'start tls'|'on'(default)] ldap ssl = off # # Samba V 3.0.0 and higher - LDAP parameters # passdb backend = ldapsam:ldap://ldap.first-private.de # idmap backend server used for mapping unix and windows uids and gids. # This option is essential, if using PDC/BDC concepts. # idmap backend = ldap://cicero.first-private.de # idmap gid = 10000-99999 # idmap uid = 10000-99999 # Delete requests onle remove smb specific information. Any other # LDAP attributes will be left unchanged. ldap delete dn = no # Suffic used for all ldap objects ldap suffix = ou=people,dc=first-private,dc=de # Self explaining... # no = Only update ntPassword and lmPassword # (iplanet does not support [yes|only]!) ldap passwd sync = no # # ############################################################# ############## # Support domain logons domain logons = yes # Support wins wins support = yes # Put the profile to: logon path = \\%N\profiles\%U logon drive = I: logon home = \\%N\%U logon script = logon.bat # User definitions admin users = Samba301Admin # Keep alive options deadtime = 240 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE keepalive = 20 read raw = yes write raw = yes oplocks = yes max xmit = 65535 getwd cache = yes # Been taking this from old ffmkag server - maybe it's relevant: log file = /usr/local/samba/var/log/log.%m log level = 100 max log size = 500 # Some debug options debug uid = yes # Include necessary shares for domain controller: include = /usr/local/samba/lib/shares/windows/windows.conf # Include group shares include = /usr/local/samba/lib/shares/group/group.conf