I have created a mapusers.bash script (listed below) for mapping Active Directory handles to unix logins. This script is currently working as documented. I would like some insight into how and when this script gets called. I assumed that upon establishing each samba connection, after the active directory handle gets authenticated with the domain controller it passes the domain\handle to this script to determine the unix login to use. However, it seems to execute this script multiple times to establish a connection. I have tested this out by clearing the cache using nbtstat -R on the client and running smbstatus -u username and killing the procids then reconnecting. Samba consistently will pass just the active directory handle without the domain first which succeeds because my script will find the correct unix login to map to without the domain. Immediately after, Samba will pass the script the domain\handle which will also succeed. Why is this? Throughout the life of ! the connection it will continue to intermittently pass the active directory handle without the domain.
Samba version 3.0.20 Configuration: ./configure --prefix=/opt/samba-3.0.20 --with-smbwrapper --with-nis --with-quotas --with-syslog --with-included-popt OS: Solaris 8 #!/bin/bash if [ $1 ] then echo "$1" >> /tmp/mhm4in #line needed for debugging #cut off the na0x\ part of input na0xlogin=`echo "$1" | cut -d '\' -f2` #search for a different unix login unixlogin=`ypcat users.map | grep "\$na0xlogin$" | cut -d ' ' -f1` if [[ $? = 0 && $unixlogin != "" ]] then #if unixlogin is in the users.map then return it echo "$unixlogin" echo "$unixlogin" >> /tmp/mhm4out #debugging only else #find unixlogin in NIS passwd map then return it unixlogin=`ypcat passwd | cut -d ':' -f1 | grep ^$na0xlogin$` echo "$unixlogin" echo "$unixlogin" >> /tmp/mhm4out #debugging only fi # below if statement for debugging only if [[ $unixlogin = "" ]] then #report to /tmp/mhm4error for any requests with no unix login echo $na0xlogin >> /tmp/mhm4error #debugging only fi else echo "You must enter a name to search." exit 1 fi smb.conf global section********************* [global] debug level = 3 security = domain encrypt passwords = yes password server = * netbios name = server1 netbios aliases = server1 server1a username map script = /opt/samba/lib/mapusers.bash server string = %h (Samba %v) workgroup = domain1 wins proxy = no dns proxy = no wins support = no wins server = w.x.y.z guest account = nobody lock directory = /opt/samba/var/locks browseable = no create mask = 775 directory mask = 775 delete readonly = yes name resolve order = wins lmhosts host bcast case sensitive = no preserve case = yes short preserve case = yes domain master = no local master = no preferred master = no os level = 0 remote announce = w.x.y.255 log file = /opt/samba/var/%I.log max log size = 1000 auto services = Unison locking = yes strict locking = no dead time = 15 load printers = no printing = sysv lpq cache time = 0 map archive = no read only = no bind interfaces only = yes interfaces = a.b.c.d socket options = SO_KEEPALIVE smb ports = 139 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba