Patch: convenience feature for non-domain clients
Gerald Carter
jerry at samba.org
Wed Oct 9 19:14:00 GMT 2002
On Wed, 9 Oct 2002, Jon. Hallett wrote:
> The background to this is that our Samba servers use "security = domain"
> authentication for user accounts, but not all our Windows clients are
> members of the domain, with the result that the clients often want to map
> shares using non-domain "clientname\user" style accounts.
>
> The patch implements an "ignore client domain" option which forces Samba to
> use the server's own domain when authenticating users, ignoring the domain
> part of the username provided by the client.
Just to throw my hat in the ring here, i'm not sure i like this for the
reason that if a user sends DOMAIN\user i think we should assume that's
what they really meant. Interesting though, if I run
net use * \\server\jerry /user:jerry
from a WinXP home box, i though the domain used was the local
machine. So it seems like this patch is unnecessary in user mode.
Is that true? Is it only applicable in domain mode?
So a user say i am MACHINE\user and we try to authenticate then
as DOMAIN\user against the PDC whcih could be someone they didn't
mean? It just seems like too many people behind the curtain.
I would voite better user education (lot of good that will do me).
cheers, jerry
More information about the samba-technical
mailing list