Winbind mapping without domain qualification

Ken Cross kcross at nssolutions.com
Thu Apr 17 22:15:42 GMT 2003


In Samba 3.0, it's "winbind use default domain=yes".

Ken
________________________________

Ken Cross

Network Storage Solutions
Phone 865.675.4070 ext 31
kcross at nssolutions.com 

> -----Original Message-----
> From: 
> samba-technical-bounces+kcross=nssolutions.com at lists.samba.org
>  
> [mailto:samba-technical-bounces+kcross=nssolutions.com at lists.s
> amba.org] On Behalf Of Matthew Mastracci
> Sent: Thursday, April 17, 2003 5:50 PM
> To: samba-technical at lists.samba.org
> Subject: Winbind mapping without domain qualification
> 
> 
> It would be great to have a Winbind mode where the domain part was 
> lopped off.  In smaller, single-domain shops it is often more 
> convenient 
> to log in without the DOMAIN+ prefix (assuming that + is the winbind 
> separator).  Would it be possible to have a Winbind option 
> that allowed 
> an administrator to specify a default domain prefix?  This 
> could allow 
> those on the local domain of the Samba box to authenticate using the 
> shorter form of their username (ie: matt instead of DOMAIN+matt) and 
> those from other domains could still use the full 
> OTHERDOMAIN+otheruser 
> to get in.
> 
> I could provide a patch, but I'm just testing the waters to 
> see if there 
> are any issues that would prevent this from working, or other 
> objections 
> from the developer crowd.
> 
> Sample config:
> 
>    winbind default domain = SOMEDOMAIN   # set the default domain to 
> SOMEDOMAIN, ie: assume a prefix of SOMEDOMAIN+ on all users
>    winbind separator = +
>    winbind cache time = 10
>    template shell = /bin/bash
>    template homedir = /home/users/%U
>    winbind uid = 10000-20000
>    winbind gid = 10000-20000
> 
> Thanks!
> Matt.
> 



More information about the samba-technical mailing list