Auth via ADS: using userPrincipalName as username (ref
bug #1909)
Gerald (Jerry) Carter
jerry at samba.org
Wed Jan 5 16:47:18 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Marc Lanctot wrote:
| a) check the usernames to see if they passed in a UPN or a
| sAMAccountName, if a UPN do a few ADS ldap queries, and convert the
| corresponding entered UPN to its sAMAccountName. Then proceed through
| the winbind logic using the mapped username. This requires no
| significant changes to the winbind logic.
I forget....Is the goal to be able to logon using pam_winbindd
and the user's UPN ? I'm leaning towards (a) if you can do that.
Less intrusive.
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3BoWIR7qMdg1EfYRAhTMAKCk/JVBp2StLZf38Rv6Ymz9S5aQGQCeMs6p
1HfGiXCizoRICIWSMJz6MWA=
=k0YB
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list