[Samba] Question on use of a username map file and security=domain interactions ?

Don McCall donmccall1 at yahoo.com
Thu Jul 17 16:49:19 GMT 2003


Hi ken,
issue is that mapping continues to happen, so what you see is the following:
 
ntusername wsmith gets mapped to unix 'smith';
now the smith username is used to continue parsing thru the user map file, and 
matches smith on the right side, so he gets finally mapped to jsmith on the left.
In other words, we parse thru the entire map file, and continue mapping until there
are no more right side matches...
 
So for your issue, for instance, if you reversed the names in your mapfile:
jsmith=smith
smith=wsmith
I think you would be ok.
he would come in as nt user smith, get mapped to jsmith, and jsmith doesn't have another rightside match.
 
Hope this helps,
Don

Ken Stone <ken at sdd.hp.com> wrote:

Hi ....

I'm looking for thoughts/experiences when the following conditions are met ...

I have 2 users .... say Sam Smith and Jeff Smith

On UNIX (on the samba server) their logins are

Walt Smith = "smith"
Jeff Smith = "jsmith

On the NT DOMAIN side, their logins are

Walt Smith = "wsmith"
Jeff Smith = "smith"

In my smb.config file, I have

security = domain [ and all the stuff that goes with it]
username map = /samba/lib/name-maps

And in name-maps, I have

smith = wsmith
jsmith = smith

Note the re-use of the word "smith" on both sides ....

And the issue is that when Walt Smith mounts \\samba\wsmith from his pc, he
actually gets Jeff Smith's home directory and has the permissions as though
he was Jeff Smith on UNIX .... not good .... And if he mounts \\samba\smith
then he gets his home directory but has the permissions as though he was
Jeff Smith on UNIX ... still bad ... It almost seems as though the name 
mapping is occuring recursively somehow ?

The server in question is an old 2.0.6-pre1 version but I also have a 2.2.9pre1
server that shows issues along the same thing but behaves a bit differently.

Please reply to me directly so I don't miss it in all the noise !!

Thanks

-- Ken
-- 
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba


---------------------------------
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!


More information about the samba mailing list