To SAMBA-Team: username map + smbpasswd

Oleg Tipisov ovt at
Mon Jul 26 12:56:26 GMT 1999


I have a suggestion to SAMBA team.

Suppose "username map" is set up as the following:
  etc_passwd_user = SAMBA_user
Currently "username map" works differently in "security = server"
(or "domain") and "security = user". In the first case SAMBA
tries to verify password of the "SAMBA_user". In the second case --
password of the "etc_passwd_user". The second one is weird,
especially with "encrypt passwords = Yes".

For instance, why should I add "Administrator" to /etc/passwd
and how can I do this if my U*IX doesn't support usernames longer
than 8 characters ? Instead I'd like to put "root = Administrator"
into the "username map" file.

I suggest to verify password of the "before-mapping-user"
("SAMBA_user") in the smbd if "security = user" and "encrypt
passwords = Yes" are set (or implement new parameter to give
users flexibility to chose).

And, of course, smbpasswd should understand "username map" so that
one can do "smbpasswd -a SAMBA_user" even if there is no such
user in /etc/passwd.

More information about the samba-ntdom mailing list