On Wed, Sep 8, 2010 at 12:32 AM, Jean-Yves Avenard <jyaven...@gmail.com>wrote:
> Hi there. > > I have a FreeBSD server running Samba 3.3, connected to a domain who's > PDC is a MacOS 10.6 server running Samba 3.0.28 (ancient I know). > > Working all fine, except for one thing I find annoying. > > MacOS server has a concept of username alias. You can have as many > aliases as you want, using any of those aliases are the same as using > the primary one. > > It's rather well implemented in 10.6 server, and you can log on the > domain with any of those usernames. > \\server\homes would point to the same directory, no matter which of > the aliases you used. > > On the FreeBSD server however, that is on this domain. You can only > login using the primary username. > If I try to login using an alias, I get using smbclient session setup > failed: NT_STATUS_LOGON_FAILURE > > I was under the impression that the authentication is always performed > against the PDC, so if it's fine with the PDC, if should be fine on > the client (and sure enough, with Windows, I can login with any of the > alias too). > > For example: > One user > simon_russell, has 2 aliases: simonr and simon_russell. > > server4# smbclient //server4/public -U simon_russell > Enter simon_russell's password: > Domain=[HYDRIX] OS=[Unix] Server=[Samba 3.3.9] > > Fine so far. > However, > > server4# smbclient //server4/public -U simon.russell > Enter simon.russell's password: > session setup failed: NT_STATUS_LOGON_FAILURE > > In the log of the PDC however, I see > When logging with an alias: > > [2010/09/08 17:25:21, 2, pid=89576] > > /SourceCache/samba/samba-235.4/samba/source/auth/auth.c:check_ntlm_password(309) > check_ntlm_password: authentication for user [simon.russell] -> > [simon.russell] -> [simon_russell] succeeded > > when logging with the main username: > [2010/09/08 17:26:32, 2, pid=89576] > > /SourceCache/samba/samba-235.4/samba/source/auth/auth.c:check_ntlm_password(309) > check_ntlm_password: authentication for user [simon_russell] -> > [simon_russell] -> [simon_russell] succeeded > > > As far as the PDC is concerned, the authentication in both case was > successful. > > Yet, the samba client fails and report an authentication failure... > > The PDC is running OpenDirectory which is just a LDAP server... > > Am I missing something? what could I do to allow users to login using > any aliases? > > Thank you > Jean-Yves > <https://lists.samba.org/mailman/options/samba> nsswitch is using local auth first maybe? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba