Patch: convenience feature for non-domain clients

Mike Gerdts Michael.Gerdts at
Wed Oct 9 18:12:00 GMT 2002

Perhaps a slight variant of this that would be useful would be something
along the lines of "force domain = <auth domain>".  The difference is
that when your samba servers are part of a resource domain that is
different than your authentication domain, the authentication would
happen against your authentication domain, rather than the (machine
only) resource domain.


On Wed, 2002-10-09 at 11:00, Jon. Hallett wrote:
> Attached is a patch against SAMBA_2_2 that we find useful at our site for 
> integrating our domain-member Samba servers with our non-domain-member clients.
> The background to this is that our Samba servers use "security = domain" 
> authentication for user accounts, but not all our Windows clients are 
> members of the domain, with the result that the clients often want to map 
> shares using non-domain "clientname\user" style accounts.
> The patch implements an "ignore client domain" option which forces Samba to 
> use the server's own domain when authenticating users, ignoring the domain 
> part of the username provided by the client.
> This is particularly useful for sites converting from "security = server" 
> to "security  = domain" who don't want to go around their clients adding 
> domain parts to all the usernames with which they map shares.
> Hope this is of use to someone else,
> Jon.

More information about the samba-technical mailing list