Should Samba pass "DOMAIN\username" or just "username" to CUPS?

Andrew Bartlett abartlet at
Thu Dec 25 00:38:07 GMT 2003

On Tue, 2003-12-09 at 02:53, Gerald (Jerry) Carter wrote:
> Hash: SHA1
> Andrew Bartlett wrote:
> | We must pass the full unix username.  This should be available by
> | reading uidtoname(current_user->uid), and may or may not have anything
> | in common with the windows username currently being supplied (username
> | map).  The other issue is that we currently pass this ivalue in as the
> | 'requesting user' even if *another* user is attempting to remove the
> | job (on the samba side).
> |
> | The Samba -> CUPS username should always be fully qualified, unless
> | 'winbind use default domain' is set, because DOM1\fred is a very
> | different user to DOM2\fred.  Stripping the name is not a solution
> | (and will therefore break really big sites).
> I agree with Andrew.  The unix account name *is* DOMAIN\user.
> UNIX has no notion of domain names.  Although even with
> 'winbind use default domain', i believe that the stored
> account name should still be DOMAIN\user.  That parameter is only for
> user's convience, not for internal data structures.

The only thing I will say here is that we should supply what lpr would
supply, if a user logged in with pam_winbind etc, to a normal shell (so
as to allow for the same right to delete jobs etc).  

uidtoname(current_user->uid) should give this.  Now all I have to do is
write the patch :-)

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list