Patch: convenience feature for non-domain clients

Gerald Carter jerry at
Wed Oct 9 19:14:00 GMT 2002

On Wed, 9 Oct 2002, Jon. Hallett wrote:

> The background to this is that our Samba servers use "security = domain" 
> authentication for user accounts, but not all our Windows clients are 
> members of the domain, with the result that the clients often want to map 
> shares using non-domain "clientname\user" style accounts.
> The patch implements an "ignore client domain" option which forces Samba to 
> use the server's own domain when authenticating users, ignoring the domain 
> part of the username provided by the client.

Just to throw my hat in the ring here, i'm not sure i like this for the 
reason that if a user sends DOMAIN\user i think we should assume that's 
what they really meant.  Interesting though, if I run

	net use * \\server\jerry /user:jerry

from a WinXP home box, i though the domain used was the local 
machine.  So it seems like this patch is unnecessary in user mode.
Is that true?  Is it only applicable in domain mode?

So a user say i am MACHINE\user and we try to authenticate then
as DOMAIN\user against the PDC whcih could be someone they didn't 
mean?  It just seems like too many people behind the curtain.
I would voite better user education (lot of good that will do me).

cheers, jerry

More information about the samba-technical mailing list