Red Hat Bugzilla – Bug 142620
Linux/Unix ID mapping is broken
Last modified: 2014-08-31 19:26:59 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Description of problem:
I have a user with a different name in linux and the win domain. All
other users can access the shares, but not this one.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. in /etc/samba/smbusers:
LinUID = WinUID
2. I use security = domain and the machine is registered at the DC level.
3. All windows users can access the shares exported by the linux
server as long as there LinUID and WinUID are the same. When the IDs
are different, the user cannot login.
Actual Results: Here is what I see in /var/log/samba/WinMachine.log:
check_ntlm_password: Authentication for user [WinUID] -> [LinUID]
FAILED with error NT_STATUS_NO_SUCH_USER
check_ntlm_password: mapped user is: [WkGroup]\[LinUID]@[WinMachine]
That seems wrong. Shouldn't the mapped user be
Expected Results: I have exactly the same settings on a Suse 9.1 box
running samba-3.0.4-1.34.3 and everything is working fine there.
I tried to look in all other reports about samba. Sorry if this is a dupe.
I reverted to samba-3.0.8-0.pre1.3 and the user mapping works again.
The problem is still there wih samba-3.0.10-1.fc3.
No one cares? Am I sending messages to a black hole?
This is getting frustrating.
Reopened #1772 in samba bugs db:
Many thanks to Kaare Hviid, a tenacious Debian user, who found the
solution. The fix for security=domain is to use:
LinUID = DOMAIN\WinUID
in /etc/samba/smbusers. Warning, this is not backward compatible and
will not work for security=user