Patch: convenience feature for non-domain clients
Mike Gerdts
Michael.Gerdts at alcatel.com
Wed Oct 9 18:12:00 GMT 2002
Perhaps a slight variant of this that would be useful would be something
along the lines of "force domain = <auth domain>". The difference is
that when your samba servers are part of a resource domain that is
different than your authentication domain, the authentication would
happen against your authentication domain, rather than the (machine
only) resource domain.
Mike
On Wed, 2002-10-09 at 11:00, Jon. Hallett wrote:
> Attached is a patch against SAMBA_2_2 that we find useful at our site for
> integrating our domain-member Samba servers with our non-domain-member clients.
>
> The background to this is that our Samba servers use "security = domain"
> authentication for user accounts, but not all our Windows clients are
> members of the domain, with the result that the clients often want to map
> shares using non-domain "clientname\user" style accounts.
>
> The patch implements an "ignore client domain" option which forces Samba to
> use the server's own domain when authenticating users, ignoring the domain
> part of the username provided by the client.
>
> This is particularly useful for sites converting from "security = server"
> to "security = domain" who don't want to go around their clients adding
> domain parts to all the usernames with which they map shares.
>
> Hope this is of use to someone else,
>
> Jon.
More information about the samba-technical
mailing list