sAMAccountName vs. userPrincipalName for %S, %U, and %u
Ken Cross
kjchome at comcast.net
Tue Jan 27 03:06:04 GMT 2004
Sounds good, Jerry -- thanks.
I want to make sure I understand what you're saying. By "another pipe
call", do you mean another winbindd function like WINBINDD_GETPWNAM? It
should be straightforward since the information is retrieved during the
normal connection sequence in winbindd in info->acct_name.
Also, all the info in cache is kept by the userPrincipalName (not
sAMAccountName), so a lookup_name_by_sid will get it.
It looks like %n is users for changing passwords, but %l ("long username?")
could be used. Obviously, it would have to work for RPC, too -- I guess
"long username" would be equivalent to the normal (SMB) username.
Ken
-----Original Message-----
From: Gerald (Jerry) Carter [mailto:jerry at samba.org]
Sent: Monday, January 26, 2004 5:52 PM
To: Ken Cross
Cc: 'Multiple recipients of list SAMBA-TECHNICAL'
Subject: Re: sAMAccountName vs. userPrincipalName for %S, %U, and %u
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ken Cross wrote:
| Is there a way to get userPrincipalName to
| use during logon (like a %n or something)?
Ken,
I'll help you fix this. It is related to the
altPrincpalName attribute that was discussed
back in December. I'm willing to make this
work for winbindd systems via another pipe call
but I don't want to add LDAP connections in smbd
for this.
Does that sound ok ? And then yes, we would
make is available via another variable I expect.
And this will be post 3.0.2.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAFZoWIR7qMdg1EfYRAux7AKDNmy8oQWcVr8fRQvBjnkK/ycYmUwCdE2ip
YUBtsqpQjFoY20S3LgRg20o=
=er9C
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list