[Samba] Identically named users and groups
Gerald (Jerry) Carter
jerry at samba.org
Tue Aug 8 12:47:19 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael Gasch wrote:
> i thought this would never get fixed, because i think
> i hit the same problem already last year.
>
> jerry said:
>>
>> Windows won't allow a user and groupw ith the same name.
>> Not much we can do about that. However, if you establish a
>> group mapping entry and set the ntgroup value to a
>> different string, things will work out ok.
>
> so are you talking about a issue on linux side and
> samba or windows side and samba?
It's a variant of the same problem but has been
exacerbated by the change from string comparisons
to token based access checks for smb.conf parameters.
First there are two new domains in 3.0.23: "Unix User"
(S-1-22-1) and "Unix Group" (S-1-22-2).
There's am implied order of precedence being applied
for unqualified names in smb.conf.
* lookup the name as a user in passdb
* lookup the name as a group in passdb
* lookup the name as a user in "Unix User"
* lookup the name as a group in "Unix Group"
First match wins.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE2IfWIR7qMdg1EfYRAqtlAJ9PpSQ5MWinpY9ypzz6GZFCO44YywCgludf
TmP3IRehGnRBAxYjC/NCHy8=
=8d3j
-----END PGP SIGNATURE-----
More information about the samba
mailing list