We have been doing some tests with CIFS on our Netware 6.5SP2 box and have
found we cannot use accounts with address restrictions. The NMASMON.nlm
log file shows the following:

22: Destroy NMAS Session for reuse
22: Create NMAS Session
22: RemoteCheckIfLocalUser checking webster.OU=hp.OU=hsc.O=ufl.
22: RemoteCheckIfLocalUser is a local user.
22: Server thread started
22: NMAS_CanDo StartClientSession 0
22: >>ClientPut: message size=8 queue Size 0
22: >>ClientPut: message size=7 queue Size 8
22: NMAS_CanDo sendMessage 0
22: <<ClientGet: message size=8 queue Size 0
22: >>ServerGet: message size=8 queue size 0
22: >>ServerGet: message size=7 queue size 7
22: CanDo
22: ERROR: -1669 Login Restrictions
22: ERROR: -1669 NMAS Manager
22: <<ServerPut: message size=8 queue size 0
22: <<ServerPut: message size=4 queue size 8
22: >>ServerGet: message size=8 queue size 0
22: <<ClientGet: message size=4 queue Size 0
22: NMAS_CanDo sendMessage 0
22: Client Session Destroy Request
22: Local Session Cleared (Not Destroyed)
22: Server thread exited

If you remove the address restrictions, logins work fine. I related
discussion on this topic was in this forum August of 2004 under the topic
"Some can see CIFS shares, some can not (NMAS.TXT)" That thread discuss
this topic, but more in the context of domain authentication. We are doing
this with the simple password.

The thread skirts the issue that NMAS checks an account for login
restrictions and immediately errors out with "ERROR: -1669 Login
Restrictions". In a way this is understandable as the NMAS log gives no
indication NMAS was ever told the IP address of the client logging in. NCP
logins show this, but not CIFS logins. This seems like a deficiency in
CIFS. It knows the connecting IP address, but does not pass it to NMAS.

Any thoughts?

Thanks,
Philip