Variable Substitution for NT Domain
Jeremy Allison
jeremy at valinux.com
Wed Nov 22 19:59:30 GMT 2000
cjsmith at btinternet.com wrote:
>
> Hi,
>
> I've been working with Samba recently, and have been
> using the %U substitution to get the NT username
> (individual users do not have accounts on the Unix box -
> instead, they are mapped to a "remote" account, and
> the only share that is offered is /data/%U).
>
> Unfortunately, we have multiple domains on our
> network, and sometimes have the same username on
> more than one domain. This presents a security hole in
> the present framework.
>
> I would like to use "/data/%D/%U" as a share location,
> where %D is the NT Domain of the connecting user (I
> run samba in security=domain mode). Unfortunately,
> there doesn't seem to be a variable for NT
> Domain/Workgroup in the existing substitutions.
This is a good idea. Try the following patch for 2.0.7 to add the
substitutions %D and %W to mean the same thing, the global
workgroup/domain the Samba server is in.
Let me know if this works for you,
Cheers,
Jeremy Allison,
Samba Team.
Index: lib/util.c
===================================================================
RCS file: /data/cvs/samba/source/lib/util.c,v
retrieving revision 1.218.2.18.2.28
diff -u -r1.218.2.18.2.28 util.c
--- lib/util.c 2000/04/11 17:17:55 1.218.2.18.2.28
+++ lib/util.c 2000/11/22 19:54:41
@@ -2151,6 +2151,8 @@
case 'h' : string_sub(p,"%h", myhostname(),l); break;
case 'm' : string_sub(p,"%m", remote_machine,l); break;
case 'v' : string_sub(p,"%v", VERSION,l); break;
+ case 'D' : string_sub(p,"%D", global_myworkgroup,l); break;
+ case 'W' : string_sub(p,"%W", global_myworkgroup,l); break;
case '$' : p += expand_env_var(p,l); break; /* Expand environment variables */
case '\0': p++; break; /* don't run off end if last character is % */
default : p+=2; break;
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list