Hi there. I have a FreeBSD server running Samba 3.3, connected to a domain who's PDC is a MacOS 10.6 server running Samba 3.0.28 (ancient I know).
Working all fine, except for one thing I find annoying. MacOS server has a concept of username alias. You can have as many aliases as you want, using any of those aliases are the same as using the primary one. It's rather well implemented in 10.6 server, and you can log on the domain with any of those usernames. \\server\homes would point to the same directory, no matter which of the aliases you used. On the FreeBSD server however, that is on this domain. You can only login using the primary username. If I try to login using an alias, I get using smbclient session setup failed: NT_STATUS_LOGON_FAILURE I was under the impression that the authentication is always performed against the PDC, so if it's fine with the PDC, if should be fine on the client (and sure enough, with Windows, I can login with any of the alias too). For example: One user simon_russell, has 2 aliases: simonr and simon_russell. server4# smbclient //server4/public -U simon_russell Enter simon_russell's password: Domain=[HYDRIX] OS=[Unix] Server=[Samba 3.3.9] Fine so far. However, server4# smbclient //server4/public -U simon.russell Enter simon.russell's password: session setup failed: NT_STATUS_LOGON_FAILURE In the log of the PDC however, I see When logging with an alias: [2010/09/08 17:25:21, 2, pid=89576] /SourceCache/samba/samba-235.4/samba/source/auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [simon.russell] -> [simon.russell] -> [simon_russell] succeeded when logging with the main username: [2010/09/08 17:26:32, 2, pid=89576] /SourceCache/samba/samba-235.4/samba/source/auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [simon_russell] -> [simon_russell] -> [simon_russell] succeeded As far as the PDC is concerned, the authentication in both case was successful. Yet, the samba client fails and report an authentication failure... The PDC is running OpenDirectory which is just a LDAP server... Am I missing something? what could I do to allow users to login using any aliases? Thank you Jean-Yves -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
