rethinking the order of getpwnam call in
boyang at novell.com
Tue Apr 1 03:17:26 GMT 2008
>>> "Gerald (Jerry) Carter" <jerry at samba.org> 04/01/08 6:40 AM >>>
-----BEGIN PGP SIGNED MESSAGE-----
Bo Yang wrote:
> Hi, Jeremy:
> The order of getpwnam call in Get_Pwnam_internals is:
> 1. lowercase username.
> 2. given username, ie, original username
> 3. uppercase username
> 4. level-N combinations of uppercase username. for example, nodns1, Nodns1, NOdns1, etc.
> There is a problem of this order when "winbind use default domain = yes" and "username map = filename".
> I have one unix local user NODNS1 and one domain user NODNSUPDATE\nodns1, and there following entry exists in my smbuser(the username map file):
> NODNS1 = NODNSUPDATE\nodns1.
Sorry. I'm catching up on things. Your example is a really bad idea
IMO. You should never use "winbind use default domain = yes" when you
have local users that match the domain username. That just causes too
much confusion. I don't real think changing the getpwnam case lookup
ordering for this corner case is a low risk change.
I'll post my patch for a name mapping layer in winbindd this week
and an example nss info plugin as a potential replacement for
"winbind use default domain". Might not be any better but is
much more intuitive and flexible I think.
I think winbind use default domain is quite frustrating too. :-)
much better if it is obsoleted and replaced.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba-technical