[Samba] Avoiding uid conflicts between rfc2307 user/groups and computers
Rowland Penny
rpenny at samba.org
Mon Jan 15 10:19:26 UTC 2018
On Mon, 15 Jan 2018 10:51:54 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>
> > I am not disputing what you say, I am just asking for concrete proof
> > that a computer account MUST have a uidNumber account.
>
> Rowland, it is not (only) a matter of authentication, it is a matter
> of 'act' with machine account.
>
>
> I've digged a bit but found nothing than (i use WPKG as deployment
> system, it is only an example):
>
> https://wpkg.org/System_User
> https://wpkg.org/SYSTEM_user_Command_Prompt
>
> probably was some old thread in mailing list; anyway, SYSTEM user can
> act (eg, access shares) with the machine account credentials; AFAIK
> accessing as SYSTEM to a share will trigger an access with machine
> account, and as fallback as anonymous/Everyone.
>
>
> So, if you mean that machine account can auth without UID, it is
> right; if they need access (non anonymous) to some share, i suppose a
> UID is needed.
>
>
> I hope i was clear.
>
You are clear in what you say, but I still do not think you need the ID
numbers for computers, 'SYSTEM' does not exist on a Unix machine.
Rowland
More information about the samba
mailing list