rethinking the order of getpwnam call in Get_Pwnam_internals?
Gerald (Jerry) Carter
jerry at samba.org
Mon Mar 31 19:40:29 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bo Yang wrote:
> Hi, Jeremy:
> The order of getpwnam call in Get_Pwnam_internals is:
> 1. lowercase username.
> 2. given username, ie, original username
> 3. uppercase username
> 4. level-N combinations of uppercase username. for example, nodns1, Nodns1, NOdns1, etc.
>
> There is a problem of this order when "winbind use default domain = yes" and "username map = filename".
>
> I have one unix local user NODNS1 and one domain user NODNSUPDATE\nodns1, and there following entry exists in my smbuser(the username map file):
> NODNS1 = NODNSUPDATE\nodns1.
Bo,
Sorry. I'm catching up on things. Your example is a really bad idea
IMO. You should never use "winbind use default domain = yes" when you
have local users that match the domain username. That just causes too
much confusion. I don't real think changing the getpwnam case lookup
ordering for this corner case is a low risk change.
I'll post my patch for a name mapping layer in winbindd this week
and an example nss info plugin as a potential replacement for
"winbind use default domain". Might not be any better but is
much more intuitive and flexible I think.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFH8T4tIR7qMdg1EfYRAv/WAKCxFJFx5c67Wb3qFFF+mwSSIDLBnACfe05J
mMKhpbkDOTDlQ7I3V2ieP7k=
=iEHr
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list