Dear Samba Folks, Re the message I sent you earlier (reproduced below). The logs are also producing error messages such as this: smbd[12778]: pam_succeed_if: requirement "uid < 100" not met by user "bonomo" smbd[12821]: pam_succeed_if: requirement "uid < 100" not met by user "bonomo" smbd[12840]: pam_succeed_if: requirement "uid < 100" not met by user "dem" Of course, the UID's are NOT below 100, but something thinks they are, and perhaps this is leading to the rejections by PAM. What would cause all user names to be initially mapped to UID 0? Rich ****************** Dear Samba folks, I very recently replaced our SGI Challenge S file server, which employed samba 2 to service Windows boxes, with an Intel Linux box running Fedora core 2 Linux with samba 3.0.3. When I connect to the server, it takes a number of *minutes* to get an authentication challenge window. After entering name and password, the connection proceeds, and shares are displayed normally. Passwords are not encrypted (at least not at this time), as I don't like the idea of having to have a password set sitting on disk, and for other reasons. The log entries at the time of connect are VERY many, but they go in this cycle: [2004/06/07 08:24:19, 2] auth/pampass.c:smb_pam_auth(514) smb_pam_auth: PAM: Athentication Error for user bonomo [2004/06/07 08:24:19, 2] auth/pampass.c:smb_pam_error_handler(73) smb_pam_error_handler: PAM: Authentication Failure : Authentication failure [2004/06/07 08:24:19, 0] auth/pampass.c:smb_pam_passcheck(810) smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User bonomo ! [2004/06/07 08:24:19, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [bonomo] -> [bonomo] After the above cycle repeats MANY times, then it goes to this... FAILED with error NT_STATUS_WRONG_PASSWORD [2004/06/07 08:28:37, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [bonomo] -> [bonomo] -> [bonomo] succeeded [2004/06/07 08:28:37, 2] lib/access.c:check_access(324) Allowed connection from (144.92.179.44) [2004/06/07 08:28:58, 2] lib/access.c:check_access(324) Allowed connection from (144.92.179.44) [2004/06/07 08:28:59, 2] lib/access.c:check_access(324) Allowed connection from (144.92.179.44) [2004/06/07 08:28:59, 1] smbd/service.c:make_connection_snum(619) I think the below is a consequence of trying to print something to a print share. Printing is not working, either (jobs just disappear when sent to this printer; other printers show "fail to connect"). Command line printing on the server itself is OK. 144.92.179.44 (144.92.179.44) connect to service ps1 initially as user bonomo (uid=1110, gid=0) (pid 11949) [2004/06/07 08:28:59, 0] smbd/nttrans.c:call_nt_transact_ioctl(2075) call_nt_transact_ioctl(0x280004): Currently not implemented. [2004/06/07 08:28:59, 1] smbd/service.c:close_cnum(801) 144.92.179.44 (144.92.179.44) closed connection to service ps1 Have you any words of wisdom? Here is the smb.conf file (the file from the samba 2 system, with adjustments): ; [global] ; ; security options ; workgroup = SAL security = user password level = 2 encrypt passwords = no admin users = root hosts allow = 144.92.179. 205.173. 127.0.0.1 guest account = guest domain logons = no logon script = %U.bat obey pam restrictions = no ; debuglevel = 2 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dead time = 5 ; max xmit = 8192 ; ; Browser Control os level = 33 domain master = no preferred master = no ; Case Preservation preserve case = yes short preserve case = yes ; ; printing options ; ; printing = sysv printing = cups printcap = cups ; printcap name = /etc/samba/psuedoprintcap load printers = yes ; print command = /usr/bin/lp -d%p ; ; file options ; hide dot files = yes preserve case = yes short preserve case = yes map archive = no ; ; This next option sets a separate log file for each client. ; Remove it if you want a combined log file. log file = /var/log/samba/%m.log max log size = 2000 ; You will need a world readable lock directory and "share modes=yes" ; if you want to support the file sharing modes for multiple users ; of the same files ; lock directory = /var/lock/subsys/samba share modes = yes [homes] comment = Home Directory for %u path = /usr/users/%u browseable = no writable = yes create mode = 0750 hide dot files = yes guest ok = no follow symlinks = yes wide links = yes [public] comment = Home Directory for %u path = /usr/users/%u/public_html browseable = no writable = yes create mode = 0755 hide dot files = yes guest ok = no [web] comment = WWW Folder ; invalid users valid users = @www path = /usr/central/www browseable = yes writeable = yes guest ok = no [astro104] comment = Astro104 web folder valid users = wharris khn path = /usr/users/astro104 browseable = yes write OK = yes read only = no create mode = 0755 hide dot files = no guest ok = no [shared] comment = Shared Folders path = /usr/central/pc/shared browseable = yes writable = yes create mode = 0755 follow symlinks = yes wide links = yes [SALA] comment = SAL-A directory path = /SAL/A browseable = yes writable = yes create mode = 0755 follow symlinks = yes wide links = yes hide dot files = no guest ok = no [SALB] comment = SAL-B directory path = /SAL/B browseable = yes writable = yes create mode = 0755 follow symlinks = yes wide links = yes hide dot files = no guest ok = no [ftp] comment = Shared Folders path = /usr/central/ftp/pub browseable = yes writable = yes create mode = 0755 [pc] comment = Shared %m Files path = /usr/central/pc/%m browseable = yes writable = yes create mode = 0750 [ps1] comment = PostScript (Rm 6296B) public = yes path=/var/spool/samba browseable = yes printer = ps1 writable = no printable = yes ; postscript = yes print ok = yes [ps1_duplex] comment = PostScript duplex (Rm 6296B) public = yes path=/var/spool/samba browseable = yes printer = ps1_duplex writable = no printable = yes ; postscript = yes print ok = yes [ps4] comment = HP PostScript (Rm 6283D) public = yes path=/var/spool/samba browseable = yes printer = ps4 writable = no printable = yes ; postscript = yes print ok = yes [ps4_duplex_lg] comment = HP PostScript (Rm 6283D) public = yes path=/var/spool/samba browseable = yes printer = ps4_duplex_lg writable = no printable = yes ; postscript = yes print ok = yes [ps4_big] comment = HP PostScript (Rm 6283D) public = yes path = /var/spool/samba browseable = yes printer = ps4_big writable = no printable = yes ; postscript = yes print ok = yes [ps7] comment = PostScript (Rm 5507 Sterling) public = yes path=/var/spool/samba browseable = yes printer = ps7 writable = no printable = yes ; postscript = yes print ok = yes [ps8] comment = PostScript (Rm 6507 Sterling) public = yes path=/var/spool/samba browseable = yes printer = ps8 writable = no printable = yes ; postscript = yes print ok = yes [ps12] comment = Office PostScript Printer public = yes path=/var/spool/samba browseable = yes printer = ps12 writable = no printable = yes ; postscript = yes print ok = yes [ps14] comment = 4th floor of Sterling Hall public = yes path=/var/spool/samba browseable = yes printable =yes printer = ps14 writable = no postcript = yes print ok = yes [scarlett] comment = Color PostScript Printer public = yes path=/var/spool/samba browseable = yes printer = scarlett writable = no printable = yes ; postscript = yes print ok = yes [michelle] comment = Color PostScript Plotter (HP DesignJet 755CM) public = yes path=/var/spool/samba browseable = yes printable = yes printer = michelle writable = no ; postscript = yes print ok = yes [LindasApJ] comment = Office PostScript Printer public = yes path=/var/spool/samba browseable = yes printer = LindasApJ writable = no printable = yes ; postscript = yes print ok = yes [LindasApJ_req] comment = Office PostScript Printer public = yes path=/var/spool/samba browseable = yes printer = LindasApJ_req writable = no printable = yes ; postscript = yes print ok = yes [LindasApJ_dupl] comment = Office PostScript Printer public = yes path=/var/spool/samba browseable = yes printer = LindasApJ_dupl writable = no printable = yes ; postscript = yes print ok = yes [Wisplp0] comment = Space Physics HP 6000 gn public = yes path=/var/spool/samba browseable = yes printer = Wisplp0 writable = no printable = yes ; postscript = yes print ok = yes [file] comment = PostScript File Printer public = yes path=/var/spool/samba browseable = yes printer = file writable = no printable = yes ; postscript = yes print ok = yes Thanks! Rich B. -- ************************************************ Richard Bonomo UW Space Astronomy Laboratory ph: (608) 263-4683 telefacsimile: (608) 263-0361 SAL-related email: bonomo@sal.wisc.edu all other email: bonomo@ece.wisc.edu web page URL: http://www.cae.wisc.edu/~bonomo ************************************************