Gerald (Jerry) Carter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Greg Adams wrote:
| I tried to send a level 10 log from the moment of connection to the
| user that should be mapped touching a file, but the attachment was too
| large and the messages bounced, awaiting moderator approval. So
| instead, I'll try to post the sections I think are relevant here:
|
| searching for spnego and username.map led me to this section:
|
*********************************************************************************************************
| [2004/10/18 08:19:25, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) | Doing spnego session setup | [2004/10/18 08:19:25, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) | NativeOS=[Windows 2002 Service Pack 1 2600] NativeLanMan=[Windows | 2002 5.1] PrimaryDomain=[] | [2004/10/18 08:19:25, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(615) | Got user=[imguser] domain=[EDSADDDM] workstation=[MULE] len1=24 | len2=24
NTLMSSP authentication here. Not kerberos. :-) So maybe you have 2 problems going on ? username map and kerberos....
| Scanning username map /opt/samba/lib/username.map | user_in_list: checking user imguser in list | user_in_list: checking user |imguser| against |EDSADDDM+imguser| | make_user_info_map: Mapping user [EDSADDDM]\[imguser] from | workstation [MULE]
I've got the log when it was sent originally and I think the following is more relevant part. I just don't know which one of the autentication methods is used for Kerberos. It looks like the NTLM is the one which got selected.
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match guest
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method guest has a valid init
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match sam
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method sam has a valid init
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match winbind:ntdomain
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match ntdomain
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method ntdomain has a valid init
[2004/10/18 08:08:04, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method winbind has a valid init
[2004/10/18 08:08:04, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0xe008b297
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_NEGOTIATE_OEM
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_LM_KEY
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED
NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2004/10/18 08:08:04, 5] auth/auth.c:get_ntlm_challenge(95)
auth_get_challenge: module guest did not want to specify a challenge
[2004/10/18 08:08:04, 5] auth/auth.c:get_ntlm_challenge(95)
auth_get_challenge: module sam did not want to specify a challenge
[2004/10/18 08:08:04, 5] auth/auth.c:get_ntlm_challenge(95)
auth_get_challenge: module winbind did not want to specify a challenge
[2004/10/18 08:08:04, 5] auth/auth.c:get_ntlm_challenge(135)
auth_context challenge created by random
Igor
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba