How can linux do this?

Jeremy Allison jallison at whistle.com
Tue May 19 00:52:47 GMT 1998


Richard Sharpe wrote:
> 
> Comments?


> >From: "Anthony S. Nixon" <asnixon at worldnet.att.net>
> >
> >Hello David,
> >
> >Yes, NT does do that, no Linux can not do that. It is a function of user
> >management within NT. NT would recognize the difference because of the
> >security token that is passed during logon. The ACL is read telling the
> >token what profile to use and file/directory rights the user has. The
> >profiles could quite possibly be stored on an Linux system, but the drive
> >would have to "mapped" before the logon took place. Linux does not have the
> >ability (yet) to do this.
> >
> >Shon Nixon, MCSE and avid Linux user.
> >Chief Information Technology
> >Midrex Direct Reduction Corp.
> >


This is *complete* fiction :-). I quote "ACL is read telling the
token what profile to use and file/directory rights the user has."

What in heavens name does an ACL have to do with what profile to
use ?

An ACL is a passive object - it's *applied* to things. The token
passed to the client from the domain controller is essentially a
random number. On a Samba PDC it *is* a random number :-).

Going on :

"but the drive would have to "mapped" before the logon took 
place. Linux does not have the ability (yet) to do this."

Point the guy politely at the Samba website :-).

BTW: On logon, when a drive needs to be mapped it is
done as the logged on user, using normal SMB calls
with the standard challenge/response (if encrypted
passwords are set up).

Oh yeah, and if he wants anonymous (null) sessionsetups,
we do that too.

I'm afraid this is an excellent example of people with
(probably, I'm speculating here) Microsoft certified
credentials knowing *only* what the course notes tell
them (and of course the these notes *never* tell them
exactly how it really works), and have no idea how the
actual bits 'n' bytes are put together over the wire.

Jeremy.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------


More information about the samba-technical mailing list