Winbind mapping without domain qualification
Matthew Mastracci
matt at aclaro.com
Thu Apr 17 21:50:18 GMT 2003
It would be great to have a Winbind mode where the domain part was
lopped off. In smaller, single-domain shops it is often more convenient
to log in without the DOMAIN+ prefix (assuming that + is the winbind
separator). Would it be possible to have a Winbind option that allowed
an administrator to specify a default domain prefix? This could allow
those on the local domain of the Samba box to authenticate using the
shorter form of their username (ie: matt instead of DOMAIN+matt) and
those from other domains could still use the full OTHERDOMAIN+otheruser
to get in.
I could provide a patch, but I'm just testing the waters to see if there
are any issues that would prevent this from working, or other objections
from the developer crowd.
Sample config:
winbind default domain = SOMEDOMAIN # set the default domain to
SOMEDOMAIN, ie: assume a prefix of SOMEDOMAIN+ on all users
winbind separator = +
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/users/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
Thanks!
Matt.
More information about the samba-technical
mailing list