mapping from NT users to Unix users. question.

Chris Tooley ctooley at joslyn.org
Tue Jan 18 14:47:10 GMT 2000 

You and I obviously have very different types of users.  My users would
freak out if they saw something other than their username and the definitely
know nothing at all about NT to assume anything.

Chris Tooley
Software Specialist
Joslyn Art Museum
2200 Dodge St
Omaha, NE  68102
(402)342-3300 ext 247
(402)342-0091 fax


-----Original Message-----
From: samba-technical at samba.org [mailto:samba-technical at samba.org]On
Behalf Of Steve Langasek
Sent: Monday, January 17, 2000 8:53 PM
To: Multiple recipients of list SAMBA-TECHNICAL
Subject: RE: mapping from NT users to Unix users. question.


On Tue, 18 Jan 2000, S. Striker wrote:

> I guess I would prefer that if a user logs on he gets his NTUser home
> share. Otherwise people run to the administrator telling him there
> is somekind of security breach and that they can access someone else's
> files. ;-)
> You can't explain this behaviour to users... They just don't get it.
> It gets worse if you are confronted with new users every year. This is
> the case on a lot of universities and believe me, they're running
> Samba.

Seems easy enough to explain to me: "The name of your home directory on the
network has nothing to do with your username; it's not a security problem;
don't worry about it."  I also can't picture lots of users sounding the
security alarms because their NT home directory isn't based off of their
username.  Most users, IMHO, are likely to a) not care, or b) be
comfortable/familiar enough with NT to not be surprised by this sort of
thing.

> Anyhow, a better argument would be that it is not the behaviour of a
> NT Server... which is what you are trying to match. ;-)

If the NT server were guaranteed to always return \\server\NTusername as the
home directory of a user, then there would be nothing to discuss, because
the
client would never bother to *ask* where the homedir is.  As it stands, the
client does ask, which gives Samba a fair amount of leeway in terms of the
answer it gives.

> > i have a slight issue to consider.  when giving out home directories, a
> > user logs in as "NTuser" and gets mapped to "unixuser", i wonder if it's
> > better to return \\server\unixuser as the home directory instead of
> > \\server\ntuser.

> > the reason is that it will make life a _lot_ simpler when it comes to
> > accessing smbd.  i won't have to do _any_ nt to unix mapping to create
the
> > [homes] section.

The traditional value of the [homes] share, as I understand it, has been in
providing an easy way to access the home directories of existing *unix*
users.
Using NT users instead would break backwards compatibility within Samba.
Moreover, it sounds to me like using NT usernames for the [homes] share will
add unneeded complexity to the code, which is a bad idea, IMO. :)

-Steve Langasek
postmodern programmer

More information about the samba-technical mailing list