Web lists-archives.com

Re: [Samba] User mapping/login issue




On Sun, 21 Apr 2019 08:59:01 +0930
Stephen Davies via samba <samba@xxxxxxxxxxxxxxx> wrote:

> I have been a bit divorced from Samba for a while and am stumped by a
> recently seen issue.
> 
> My Samba server (V4.8.3) is Centos 7 and the remote clients are
> windoze boxes at the other end of a VPN (OpenVPN). At some point in
> "recent" history, access to shares on the Centos server started to
> fail with password failures. The reason seems to be associated with
> user mapping. (See log fragment below).
> 
> I have added entries to smbusers trying to map the remote user to
> local user simon without success.
> 
> There is no windoze domain server involved.
> 
> The clients can FTP to the server and retrieve emails via IMAP.
> 
> What am I missing?
> 
> 
> [2019/04/18 16:10:52.327632,
> 3] ../source3/auth/auth.c:189(auth_check_ntlm_pass word)
> check_ntlm_password: Checking password for unmapped user
> [SIMON-DELLPC]\[simo n]@[SIMON-DELLPC] with the new password interface
> [2019/04/18 16:10:52.327658,
> 3] ../source3/auth/auth.c:192(auth_check_ntlm_pass word)
> check_ntlm_password: mapped user is:
> [SIMON-DELLPC]\[simon]@[SIMON-DELLPC] [2019/04/18 16:10:52.327686,
> 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) :
> sec_ctx_stack_ndx = 2

By default NTLMv1 is now turned off, could this be your problem ?, try
(as a test) adding 'ntlm auth = yes' to your smb.conf and
reload/restart Samba.

If this doesn't work, can you please post your smb.conf and tells us
what the Windows machines are.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba