NT user authentication

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Dec 3 16:18:15 GMT 1998

On Fri, 4 Dec 1998, Andrej Borsenkow wrote:

> >
> > Yes this is how it works. It is also how Samba 2.0 works
> > also. Don't know about the HEAD branch as that has so
> > widely diverged at the moment.
> >
> Mostly the same ... There is one thing that nags me. The followin applies to
> 2.1 branch.
> The SAMBA as member of NT poses a problem, what to do if Unix user with the
> same name as domain user exists, but does not have explicit NT->Unix
> mapping. Luke writes, that any user not explicitly mapped is assumed to be
> local. This is _not_ as it currently works (and is a bit different anyway)

not quite:

any user not explicitly mapped in by "domain user map" is checked against
the PDC.  if the account does not exist on the PDC, _then_ it is treated
as a local user.

_regardless_ of whether it is a local or a domain user, there must still
exist a UNIX account with the same name.

More information about the samba-ntdom mailing list