[Samba] auth. username rewriting?

Marc Lanctot marc.lanctot at mail.mcgill.ca
Mon Dec 13 16:23:56 GMT 2004


Now, I'm faced with a problem: I need to be able to login using the same 
username that I bind against using ldapsearch, and not the 
sAMAccountName given to me via winbind.

ie. to login using one of my AD usernames right now, I issue:

   su - ADSDOMAIN+username1

but the binddn I use to search the ldap directory is, say, username2:

   ldapsearch -x -W -D"username2" samaccountname=bla

I'd like to be able to do:

   su - ADSDOMAIN+username2

and for winbind to recognize username1 and username2 as the same user 
account, and authenticate over the Active Directory server using 
username1. Then, I can have a list of the username mappings in a file, 
or obtain them via LDAP.

I've searched around and couldn't find anything (the username map field 
in smb.conf seems to be for something else).. and what comes to mind is 
Apache's URL rewriting: I need something similar to this but for usernames.

Is this possible via Samba/Winbind? If not, is there a way I can do it 
through PAM?

Any help is appreicated, thanks.


"You must cut down the largest tree in the forest ... with ... a herring!!"
   -- Monty Python

More information about the samba mailing list