[Samba] trusted domains - samba user authentification
Hitzler Ronald
r.hitzler at flughafen-linz.at
Wed May 29 00:39:03 GMT 2002
Hi!
Background: We have a normal NT 4.0 Domain called AIRPORT and a Windows 2000
Domain (server is in mixed mode) called MAIL. Connected to the AIRPORT
Domain is a Samba 2.0.6 Server with security = domain. Both domains are
trusting each other.
I've a little problem understanding the user authentification with the
trusted
MAIL domain. I'll it explain with a little example:
We have a user called "testuser" on both domains (AIRPORT\testuser and
MAIL\testuser). If I create a share on the AIRPORT PDC (WINDOWS NT 4.0) for
the user "testuser", I can access it from AIRPORT. If I logon to MAIL, I'm
not allowed to access it. If I expnad the user rights to MAIL\testuser I can
access again. So far no problem.
BUT: If I make a samba share (rember: the samba server is using domain
security
and it's connected to AIRPORT) for our testuser there is no difference which
domain
I use for login. If I logon to MAIL I also have access to the Samba Share.
It looks like samba makes no difference between MAIL\testuser and
AIRPORT\testuser.
Now my questions: Is it right, that samba doesn't consider the "Domain-Part"
of the username if the domains are trusted?
Is it a missing feature or "should it be as it is"?
Or I am just too stupid to understand the whole trusted-thing?
Thanks for your help!
---------------------------------------------------------------------------
Ronald Hitzler
More information about the samba
mailing list