Opened 13 years ago
Closed 6 years ago
#30951 closed defect (fixed)
Samba3 not reading groups resulting in logon failure. (Lion)
| Reported by: | mandrake@… | Owned by: | jmroot (Joshua Root) |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | 2.0.1 |
| Keywords: | lion | Cc: | joe.neal@…, eduo@…, laurent.bigue@…, cooljeanius (Eric Gallager) |
| Port: | samba3 |
Description
I installed samba3 on my 2010 Mac Mini. I try to log in from another Mac Mini and get a NT_STATUS_LOGON_FAILURE (using smbclient). I have added the smb user with smbpasswd -a. I have disabled the OSX windows file sharing and removed the launchd file that starts apple's netbios.
I enabled debugging in smbd and nmbd to see where the login fails. The failure is attached in a text file. It seems to be because the server can't get a correct list of groups. I can pull up a group list with no problem in a terminal window for the user.
Attachments (1)
Change History (24)
Changed 13 years ago by mandrake@…
| Attachment: | samba failure.txt added |
|---|
comment:2 Changed 13 years ago by jmroot (Joshua Root)
| Cc: | mandrake@… removed |
|---|---|
| Keywords: | lion added; samba3 removed |
| Owner: | changed from macports-tickets@… to mww@… |
| Priority: | High → Normal |
Please remember to cc the maintainer. You do not need to be in cc when you are the reporter. As per the ticket guidelines, the High priority is reserved for the use of MacPorts team members.
comment:3 Changed 13 years ago by joe.neal@…
Replying to mandrake@…:
I installed samba3 on my 2010 Mac Mini. I try to log in from another Mac Mini and get a NT_STATUS_LOGON_FAILURE (using smbclient). I have added the smb user with smbpasswd -a. I have disabled the OSX windows file sharing and removed the launchd file that starts apple's netbios.
I enabled debugging in smbd and nmbd to see where the login fails. The failure is attached in a text file. It seems to be because the server can't get a correct list of groups. I can pull up a group list with no problem in a terminal window for the user.
I have the exact same issue, and with my debug set to 10, I see the same exact log messages and errors. After some searching, I don't know if this is related to > 16 groups, or not?
My user is a member of 17 groups.
comment:5 Changed 13 years ago by joe.neal@…
Verified that this is related to too many groups. As I mentioned above, my user is a member of 17 groups. I created a new user (who with no other changes, is a member of 6 groups), and that user works fine.
comment:6 Changed 13 years ago by mandrake@…
It seems that the >16 groups bug had been addressed a few years ago. I wonder if it has somehow found its way back into the code. I'm not sure how to remove myself from groups in Lion and what sort of impact that might have. I'm hoping it can be addressed through this route, instead.
comment:7 Changed 13 years ago by joe.neal@…
Yes, I agree that this was resolved previously. However, I have verified that in my case, a user with less than 16 groups works, and one over 16, does not. I certainly agree that it would be nice to have this resolved properly, and not a workaround, as I don't know how to remove myself from groups (without breaking things at least).
comment:8 Changed 13 years ago by mandrake@…
I created another non-admin account on the machine to connect to. It works fine now. It will suffice until someone can find time to re-address the >16 group bug.
comment:11 Changed 12 years ago by laurent.bigue@…
I experience exactly the same problem and I was unable to find any solution, since any new user is created with a minimum of 23 groups in my system (among them, 13 sharepoints)!
comment:12 follow-up: 13 Changed 12 years ago by jmroot (Joshua Root)
Is this still a problem with 3.6.3?
comment:13 follow-up: 14 Changed 12 years ago by eduo@…
comment:14 Changed 12 years ago by m.koss@…
comment:15 Changed 12 years ago by public@…
Hi guys. Can you help me how temporarily resolve this problem. I tried many things. Without success.
comment:18 Changed 12 years ago by eduo@…
As documented in 34572, no fix has been found but the patch below provides a workaround (essentially by permanently allocating a ridiculous amount of slots in memory for more groups than there should be):
https://trac.macports.org/attachment/ticket/34572/patch-source_lib_system_smbd_c.diff
Of course, now that this comes out Samba's port can't compile in Mountain Lion :)
comment:19 Changed 12 years ago by eduo@…
Sorry. Should've mentioned that Samba not compiling in Mountain Lion is tracked in ticket 35343
comment:22 Changed 7 years ago by mf2k (Frank Schima)
| Owner: | mww@… deleted |
|---|---|
| Status: | new → assigned |
comment:23 Changed 6 years ago by jmroot (Joshua Root)
| Owner: | set to jmroot |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
text file of debug log.