do not support winbind users or groups in
smb.confi without seciftying a domain
Gerald (Jerry) Carter
jerry at samba.org
Sun Nov 30 13:57:17 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Andrew Bartlett wrote:
| The only problem I can see is that we will be
| inconsistent between users and groups. I know you will really
| hate me now, but with 'winbind use default domain', the 'users'
| part of the equation needs to *not* have the domain prefix,
| while you propose that the groups must have it.
not true. I've run the tests and made sure we always pass in
DOMAIN\user to user_in_list(). The only place that we should
deal with a stripped user name is in winbindd_pam_auth[_crap]().
| The thing is, we resolve all groups into a GID (this needs to be
| optimised better for the winbind case) but we handle the users as a
| string match. This causes the 'REAM.FOO\user' v 'DOMAIN\user' bug.
| (where valid users gives us one, but the kerberos login gives the
Right, but we don't have that now and will not have it for 3.0.1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba-technical