[Samba] Solaris username character limit issues.
Nicholas Majeran
nmajeran at poletown.com
Sat Jul 10 22:27:26 GMT 2004
Hello,
I've compiled Samba 3.0.4 with Heimdal 0.6.2 and all of the other
trimmings to join and ADS tree, which I have successfully done. Winbind
correctly pulls all of the username and group information from the ADS
tree and all is good.
However...
I seem to be running into a wall with the wonderful Solaris 8 character
username / groupname limit. Usernames with spaces or names longer than 8
characters show up fine when I do a getent [passwd|group], and I can
ch{own,grp} using the GNU versions of those utilities a file to something
like 'Domain Admins' without any trouble.
But, if I do something like:
[myshare]
path = /attach/blah
valid users = "TEAMSTER/Jimmy Hoffa" @"TEAMSTER/Domain Admins"
I will be denied access if:
-- I try to connect as TEAMSTER\Jimmy Hoffa
-- I try to connect as member of the group TEAMSTER\Domain Admins if that
username in the group has a username longer than 8 characters.
I will be granted access if:
-- I create a UNIX user called 'jimmhoff' and put something like
jimmhoff = 'Jimmy Hoffa' in a username.map file.
-- I connect as a Domain Admin that has a username 8 characters or shorter
(with no spaces).
There also seems to be some issues with username.map and reverse mappings
with respect to group membership on the ADS tree, i.e. if "Jimmy Hoffa"
was a member of Domain Admins, and I had it mapped to UNIX user
'jimmhoff', no luck.
And, the ownership and the group settings on the directory are
drwxrwxr-x Jimmy Hoffa Domain Admins 512 Jul 10 15:54 blah
Am I stuck with the limitation or is there something I'm missing??
Thanks for any help.
Nick Majeran
More information about the samba
mailing list