Jay D. Anderson
2004-Apr-16 18:01 UTC
[Samba] Strange authentication problem - Samba 3.0.2a
This problem appears to be a bug. I am seeing the problem running Samba 3.0.2a on both Solaris 8 and RH Linux ES3. This problem was not present in Samba 2.2.8a. The Samba servers are member servers of an Active Directory domain, and all other file and print sharing is working well. Global section of smb.conf included below. On a Windows XP client that hasn't been added to Active Directory yet, domain credentials will not authenticate to the Samba server if the credentials are given in the form username@mydomain.com. The same operation against a Windows server works fine. If the credentials are supplied in other forms to the Samba server, they will work (e.g., mydomain\username, mydomain.com\username). If the Windows XP client is added to the AD domain, the credentials will work in any of the formats. From an auth:10 debug, it appears Samba is using the entire username@mydomain.com string as the username rather than breaking it into username and domain components. Thank you very much for taking a look at this. [global] realm = MYDOMAIN.COM security = ADS netbios name = SERVER1 password server = ADPS1.MYDOMAIN.COM,ADPS2.MYDOMAIN.COM interfaces = 166.122.99.1/20 166.122.99.50/20 encrypt passwords = Yes map to guest = Bad User username map = /usr/local/samba/lib/users.map host msdfs = Yes time server = Yes deadtime = 5 socket options = TCP_NODELAY local master = No dns proxy = No workgroup = MYDOMAIN name resolve order = host wins bcast wins server = 166.122.99.135 166.122.15.103 -- --------------------------------------------------------------------- Jay D. Anderson John Deere Davenport Works Jay@DW.Deere.com P.O. Box 4198 Phone: 563.388.4268 Fax: 563.388.4159 Davenport, Iowa 52808