(no subject)
Andrew Bartlett
abartlet at pcug.org.au
Sat Jan 26 20:48:03 GMT 2002
"McIntosh, Qi" wrote:
>
> Hi,
> I am new to samba and CIFS. I am just trying to learn and understand how
> samba/CIFS works. I saw some of the discussion about users without local
> uid, but I also remember that samba support a client access file share on a
> Samba server without having a account on the host Unix machine.
> I am confused...
Well, the 'non-unix-account' stuff I've been going on about is a bit
weird. There are parts of the protocol where we do things like lookup
users and authorised logins, but we don't need to actually *become* that
user.
For cases where we need to do that (and I havn't coded this yet) I'll
have some kind of 'map to guest' option. Probably 'map to guest = non
unix account'.
> So reading the code of Samba head. When ADS, kerberos are enabled, how
> does Samba support a client "session setup" request while the client doesn't
> have a local account on the samba host?
> I assume that smb_getpwnam() will return NULL if the client doesn't have a
> local account there. right?
Yes.
> If the client has an account in the MS domain, what is the way to get that
> account information over? With NTLM, NetrSamLogon to the domain controller
> will get some of it, right? I am guessing that with Active Directory, it
> should be available via LDAP. Am I right? Is there something I missed?
This is where Samba must be paired with 'winbind'. Winbind gets this
information from the DC and presents it to the unix getpw* apis.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list