Dirk Brenckmann
2004-Mar-12 08:30 UTC
[Samba] Need urgent help with "user_info->client_domain.str" and "user_info->domain.str"
Hi there,
anybody here to help me with:
"user_info->client_domain.str" and
"user_info->domain.str"
Problem:
check_ntlm_password: Checking password for unmapped user
[FRSTPRV.DE]\[SambaAdmin302]@[HEARTOFGOLD]
with the new password interface
check_ntlm_password: mapped user is:
[FRSTPRV]\[SambaAdmin302]@[HEARTOFGOLD]
Where from does samba receive the "user_info->domain.str" ???
It ([FRSTPRV]) is definitly wrong, and I'd like to know where (in
the code) and how "user_info->domain.str" is resolved/set.
I'm running Samba 3.0.2a and can't join Win2K/XP/whatever to
the samba PDC of [FRSTPRV.DE] because of this...
...switching [FRSTPRV.DE] to [FOO] does not change
a thing ;-)
...and yes - there is a Samba 2.2.8 Domain in the net, using the
name "FRSTPRV".
Any idea what's going on here?
Thanx 4 any help
Dirk Brenckmann
P.S: Already found:
http://samba.org/doxygen/samba/auth_8c-source.html#l00205
(But does not "really" help without more context...)
Andrew Bartlett
2004-Mar-12 11:41 UTC
[Samba] Need urgent help with "user_info->client_domain.str" and "user_info->domain.str"
On Fri, 2004-03-12 at 19:30, Dirk Brenckmann wrote:> Hi there, > > anybody here to help me with: > "user_info->client_domain.str" and "user_info->domain.str" > > Problem: > check_ntlm_password: Checking password for unmapped user > [FRSTPRV.DE]\[SambaAdmin302]@[HEARTOFGOLD] > with the new password interface > check_ntlm_password: mapped user is: > [FRSTPRV]\[SambaAdmin302]@[HEARTOFGOLD] > > Where from does samba receive the "user_info->domain.str" ???If the domain that the request comes in as is not one of our trusted domains, then we map it to our local domain.> It ([FRSTPRV]) is definitly wrong, and I'd like to know where (in > the code) and how "user_info->domain.str" is resolved/set.From 'workgroup ='...> I'm running Samba 3.0.2a and can't join Win2K/XP/whatever to > the samba PDC of [FRSTPRV.DE] because of this...Is this a realm name, or a netbios domain name?> ...switching [FRSTPRV.DE] to [FOO] does not change > a thing ;-) > > ...and yes - there is a Samba 2.2.8 Domain in the net, using the > name "FRSTPRV". > > Any idea what's going on here? > Thanx 4 any help > Dirk BrenckmannCan you post your smb.conf? Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040312/3d2b17cf/attachment.bin
Dirk Brenckmann
2004-Mar-12 12:28 UTC
[Samba] RE: Need urgent help with "user_info->client_domain.str" and "user_info->domain.str"
... of course ... sorry - replied to your account directly...
# Global parameters
[global]
# Some basic server settings
netbios name = XDC
workgroup = FRSTPRV.DE
# Act as Domain and local master browser
os level = 128
preferred master = yes
domain master = yes
local master = yes
# Security settings of a PDC must be of user security type
security = user
# NT and 2000 do not accept unencrypted passwords
encrypt passwords = yes
min password length = 8
#
#############################################################
#############
#
# LDAP related parameters
#
# Samba V 2.2.8 and higher - LDAP parameters
#
# DN used for retreiving user account information (see man smb.conf)
ldap admin dn = "uid=SambaAdmin302,ou=Technische
Nutzer,ou=people,dc=first-private,dc=de"
# Define the SSL option, when connecting to the directory
# ['off'|'start tls'|'on'(default)]
ldap ssl = off
#
# Samba V 3.0.0 and higher - LDAP parameters
#
passdb backend = ldapsam:ldap://ldap.first-private.de
# idmap backend server used for mapping unix and windows uids
and gids.
# This option is essential, if using PDC/BDC concepts.
# idmap backend = ldap://cicero.first-private.de
# idmap gid = 10000-99999
# idmap uid = 10000-99999
# Delete requests onle remove smb specific information. Any other
# LDAP attributes will be left unchanged.
ldap delete dn = no
# Suffic used for all ldap objects
ldap suffix = ou=people,dc=first-private,dc=de
# Self explaining...
# no = Only update ntPassword and lmPassword
# (iplanet does not support [yes|only]!)
ldap passwd sync = no
#
#
#############################################################
##############
# Support domain logons
domain logons = yes
# Support wins
wins support = yes
# Put the profile to:
logon path = \\%N\profiles\%U
logon drive = I:
logon home = \\%N\%U
logon script = logon.bat
# User definitions
admin users = Samba301Admin
# Keep alive options
deadtime = 240
socket options = TCP_NODELAY IPTOS_LOWDELAY
SO_KEEPALIVE
keepalive = 20
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
getwd cache = yes
# Been taking this from old ffmkag server - maybe it's relevant:
log file = /usr/local/samba/var/log/log.%m
log level = 100
max log size = 500
# Some debug options
debug uid = yes
# Include necessary shares for domain controller:
include = /usr/local/samba/lib/shares/windows/windows.conf
# Include group shares
include = /usr/local/samba/lib/shares/group/group.conf