rethinking the order of getpwnam call in Get_Pwnam_internals?

[Jeremy Allison]

On Wed, Feb 20, 2008 at 11:28:54PM -0700, Bo Yang wrote:
> Hi, Jeremy:
>        The order of getpwnam call in Get_Pwnam_internals is:
> 1. lowercase username.
> 2. given username, ie, original username
> 3. uppercase username
> 4. level-N combinations of uppercase username.  for example, nodns1, Nodns1, NOdns1, etc.
> 
>     There is a problem of this order when "winbind use default domain = yes" and "username map = filename".
>     
>     I have one unix local user NODNS1 and one domain user NODNSUPDATE\nodns1, and there following entry exists in my smbuser(the username map file):
> NODNS1 = NODNSUPDATE\nodns1.
>    
>     After authentication, NODNSUPDATE\nodns1 is correctly mapped to NODNS1. But the problem is the construction of user information from username when "winbind use default domain = yes".
>     Get_Pwnam_internals tries lowercase name first, and domain name is automatically prepended to username in winbindd, results in NODNSUPDATE\nodns1. Therefore the lookup of NODNS1
>     results in domain user account instead of local unix user account, That might not be what users want to see.  User's attension is to map the domain username to local unix username.
> 
>     I suggest change the order of getpwnam call to:
> 1. given username
> 2. lowercase username
> 3. uppercase username
> 4. level-Ncombinations of uppercase username.

I don't see a problem with this, but I'm going to
wait and let Jerry comment, as he has more experience
with the "interesting" possibilities people have used
in this area.

I don't want to accidently break anything :-).

Jeremy.