Long machine names...

Tim Winders twinders at SPC.cc.tx.us
Thu May 21 19:50:01 GMT 1998

On Thu, 21 May 1998, Jeremy Allison wrote:

> > When does the need for a real unix account come into play?  When creating
> > the initial trust account?  For future DC stuff?
> You are correct in that at present none of the Samba
> code actually uses the fact that the machine account
> has an actual existance in the UNIX password file (that's
> why it's working for you right now). Currently, the
> requirement that the machine account have an existance
> in the UNIX password database is to stop duplicate
> uids being used by accident.

OK.  So, I will have to redo these accounts when this $ problem gets
figured out.  No problem.
> When NT clients connect to do 
> DCE/RPC, they do so down
> an annonymous connection (which is mapped in Samba
> to the guest user), they then authenticate themselves 
> by passing a machine name in the authentication
> setup RPC. Currently there is no known RPC that causes
> filesystem interaction down this pipe - but if there
> is, or there was an RPC that required a level of permission
> control on the UNIX system, then there needs to be a
> UNIX uid we can use to determine access permissions.
> Simply using the guest user might not do if it were
> a machine specific restriction (for example).

OK, I think I am finally on track.  Thanks for the explaination!

=== Tim

|  Tim Winders, CNE, MCSE        |  Email:  TWinders at SPC.cc.tx.us   |
|  Network Administrator         |  Phone:  806-894-9611 x 2369     |
|  South Plains College          |  Fax:    806-897-4711            |

More information about the samba-technical mailing list