'force user' broken for winbind users?

Gerald (Jerry) Carter jerry at samba.org
Fri Jan 13 03:28:01 GMT 2006

Hash: SHA1

Volker Lendecke wrote:

> consequentially force user = winbind-user is bound to fail 
> sooner or later. force group might be ok, this just sets the
> primary group. But force user not only sets the uid but also
> the list of groups the forced user is in.

I thought it was only the uid?  Been too long since I looked at
that code I guess.

> When going through that code, can we restrict 'force user' 
> to pure non-winbind nss based users that we have control over?

I don't think this is realistic.  I think people will want
to use domain users in 'force user'.  I would rather know
when and why we started using the group member ship of
the forced user instead of just the uid.

cheers. jerry
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba-technical mailing list