Bug 142620 - Linux/Unix ID mapping is broken
Linux/Unix ID mapping is broken
Product: Fedora
Classification: Fedora
Component: samba (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Fenlason
Depends On:
  Show dependency treegraph
Reported: 2004-12-10 17:36 EST by Eral Trmb
Modified: 2014-08-31 19:26 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-01-31 16:51:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Eral Trmb 2004-12-10 17:36:34 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041110 Firefox/1.0

Description of problem:
I have a user with a different name in linux and the win domain. All
other users can access the shares, but not this one.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. in /etc/samba/smbusers:

2. I use security = domain and the machine is registered at the DC level.

3. All windows users can access the shares exported by the linux
server as long as there LinUID and WinUID are the same. When the IDs
are different, the user cannot login.

Actual Results:  Here is what I see in /var/log/samba/WinMachine.log:

check_ntlm_password:  Authentication for user [WinUID] -> [LinUID]
check_ntlm_password:  mapped user is: [WkGroup]\[LinUID]@[WinMachine]

That seems wrong. Shouldn't the mapped user be

Expected Results:  I have exactly the same settings on a Suse 9.1 box
running samba-3.0.4-1.34.3 and everything is working fine there.

Additional info:

I tried to look in all other reports about samba. Sorry if this is a dupe.
Comment 1 Eral Trmb 2004-12-10 18:33:44 EST
I reverted to samba-3.0.8-0.pre1.3 and the user mapping works again.
Comment 2 Eral Trmb 2005-01-05 18:18:10 EST
The problem is still there wih samba-3.0.10-1.fc3.
No one cares? Am I sending messages to a black hole?
This is getting frustrating.
Comment 3 Eral Trmb 2005-01-05 20:48:56 EST
Reopened #1772 in samba bugs db:

Comment 4 Eral Trmb 2005-01-31 16:51:38 EST
Many thanks to Kaare Hviid, a tenacious Debian user, who found the
solution. The fix for security=domain is to use:
in /etc/samba/smbusers. Warning, this is not backward compatible and
will not work for security=user

Note You need to log in before you can comment on or make changes to this bug.