mapping from NT users to Unix users. question.

S. Striker s.striker at striker.nl
Mon Jan 17 23:08:03 GMT 2000 

Hi,

I guess I would prefer that if a user logs on he gets his NTUser home
share. Otherwise people run to the administrator telling him there
is somekind of security breach and that they can access someone else's
files. ;-)
You can't explain this behaviour to users... They just don't get it.
It gets worse if you are confronted with new users every year. This is
the case on a lot of universities and believe me, they're running
Samba.
Anyhow, a better argument would be that it is not the behaviour of a
NT Server... which is what you are trying to match. ;-)

Greetings,

Sander Striker

> i have a slight issue to consider.  when giving out home directories, a
> user logs in as "NTuser" and gets mapped to "unixuser", i wonder if it's
> better to return \\server\unixuser as the home directory instead of
> \\server\ntuser.
>
> the reason is that it will make life a _lot_ simpler when it comes to
> accessing smbd.  i won't have to do _any_ nt to unix mapping to create the
> [homes] section.
>
> ... but i _will_ still get an authentication request based on NTusername,
> but that's ok in SAMBA_TNG because that's handed off to netlogond to deal
> with, which can do the NTuser to unix user translation (which it just did
> exactly as above when the user logged in!)
>
> plus, i will get exactly the same user profile back, so i can grab the
> home directory from that, and set up the [homes] share.
>
> so it all works.
>
> now.
>
> my question is, is this acceptable?  do you, the administrators, mind if a
> user logs in as NTusername but actually gets told that their home
> directory is Unixusername?
>
> or, do you really want user logs in as NTusername and accesses their
> [homes] share as \\server\NTusername?
>
> which would _you_ prefer?
>
> luke
>
> <a href="mailto:lkcl at samba.org"   > Luke Kenneth Casson Leighton    </a>
> <a href="http://www.cb1.com/~lkcl"> Samba and Network Development   </a>
> <a href="http://samba.org"        > Samba Web site                  </a>
> <a href="http://www.iss.net"      > Internet Security Systems, Inc. </a>
> <a href="http://mcp.com"          > Macmillan Technical Publishing  </a>
>
>  ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
>
>

More information about the samba-technical mailing list