Username mapping

Luke Kenneth Casson Leighton lkcl at
Fri Jun 5 17:58:56 GMT 1998

On Fri, 5 Jun 1998, Jeremy Allison wrote:

> > i need to create a "domain map username" parameter.
> >
> > this will take a username / domain / password from an nt domain login and
> > return a _different_ (unix) username in the LsaSamLogon response.
> >
> > the user will actually be logged in under the returned username _not_ the
> > one they specified in the nt domain login dialog.
> >
> > then you will be able to do things like log in with a 20 character name
> > and actually be logged in with an 8 character name.
> >
> (Working from home at the moment as my car has a flat tyre -
> don't hit reply :-).
> We're suffering from creeping parameteritis at the moment.
> Why do you need this ? Isn't this the same as the username
> map parameter.

no it isn't the same.  map username would map to a unix username
underneath, but maintain the same nt username.

"domain map username" would map to a different nt username, and would be
nothing to do with "map username".

> Don't we just need to get the domain code
> to use the same username map file instead ?

possibly, possibly not.  the capability exists to respond to
the LsaSamLogon query with a totally different username.  this i believe
to be different from the "map username" option.

but i could be wrong (and i think i might be).  someone convince me :-)

More information about the samba-ntdom mailing list