[Samba] Re: ADS valid users can't map share
Gerald (Jerry) Carter
jerry at samba.org
Wed Oct 20 16:02:16 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Igor Belyi wrote:
| Are you saying that username will be sent differently
| depending on the protocol Samba and ADS agree to? And
| that if it's Kerberos, the name will be <Domain name>\<username>
| even if 'winbind separator = +' in smb.conf?
No. It's not a protocol issue. It's a bug in smbd.
We call map_username() on the fully qualified username
(using whatever winbind separator you have set in smb.conf)
when handling a kerberos SMBsessetup&X and only pass the
login name when doing the NTLM authentication.
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBdowIIR7qMdg1EfYRAupBAJ9GCAC7922CG88/rDdiW+tvfcKYRwCggYQu
Ib/k8G2apezHXrbLftemmdE=
=1O0o
-----END PGP SIGNATURE-----
More information about the samba
mailing list