[Samba] Solaris username character limit issues.

Nicholas Majeran nmajeran at poletown.com
Sat Jul 10 22:27:26 GMT 2004


Hello,

I've compiled Samba 3.0.4 with Heimdal 0.6.2 and all of the other
trimmings to join and ADS tree, which I have successfully done.  Winbind
correctly pulls all of the username and group information from the ADS
tree and all is good.

However...

I seem to be running into a wall with the wonderful Solaris 8 character
username / groupname limit.  Usernames with spaces or names longer than 8
characters show up fine when I do a getent [passwd|group], and I can
ch{own,grp} using the GNU versions of those utilities a file to something
like 'Domain Admins' without any trouble.

But, if I do something like:

[myshare]
path = /attach/blah
valid users = "TEAMSTER/Jimmy Hoffa" @"TEAMSTER/Domain Admins"

I will be denied access if:
-- I try to connect as TEAMSTER\Jimmy Hoffa
-- I try to connect as member of the group TEAMSTER\Domain Admins if that
   username in the group has a username longer than 8 characters.

I will be granted access if:
-- I create a UNIX user called 'jimmhoff' and put something like
   jimmhoff = 'Jimmy Hoffa' in a username.map file.
-- I connect as a Domain Admin that has a username 8 characters or shorter
   (with no spaces).

There also seems to be some issues with username.map and reverse mappings
with respect to group membership on the ADS tree, i.e. if "Jimmy Hoffa"
was a member of Domain Admins, and I had it mapped to UNIX user
'jimmhoff', no luck.

And, the ownership and the group settings on the directory are

drwxrwxr-x     Jimmy Hoffa Domain Admins 512 Jul 10 15:54 blah

Am I stuck with the limitation or is there something I'm missing??

Thanks for any help.

Nick Majeran



More information about the samba mailing list