[Samba] Shared posix account for machine trust

Andrew Bartlett abartlet at samba.org
Wed Feb 18 21:28:48 GMT 2004

On Wed, 2004-02-18 at 23:42, Beast wrote:
> I think that machine trust account did not access any resources, 
> is there any way to avoid using posix account for machine trust? 
> or at least using only one shared posix id?

Machine trust accounts are users, in exactly the same way all other
accounts are.  They can own files, and in the future, we need to
seteuid() to them.  In particular, they must have independent sids,
which means they must have independent UIDs.

You cannot do a normal NTLM login as a machine trust account, but you
can use Kerberos, in an Active Directory environment.

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040219/10c9bed3/attachment.bin

More information about the samba mailing list