[Samba] Variable substitution or wildcards in "username map"
pepe at embl.de
Wed May 4 10:20:28 GMT 2005
Is it possible to use wildcards or variable substitution in the
"username map"? I am using:
security = ADS
password server = TEST1.MYDOMAIN
The samba server joined the subdomain TEST1.MYDOMAIN. There is a trusted
relationship between MYDOMAIN and TEST1.MYDOMAIN. I want ONLY users from
TEST1.MYDOMAIN to have access to the samba shares, users from MYDOMAIN
must be rejected.
The problem I have now is:
- a username MYDOMAIN\user1 mapping a share gets authenticated by
MYDOMAIN due to the trusted relationship and then mapped to unix user1.
- a username TEST1\user1 mapping a share gets authenticated by TEST1 and
then mapped to unix user1.
so I have 2 different windows users mapped to the same unix user. I can
solve the problem by mapping just the valid users in "username map" this
!user1 = TEST1\user1
nobody = *
I have more than 1000 users and serveral samba servers... so keeping all
"username map" in sync can be a pain. Could I use wildcards in the
"username map"? If so, what is the syntax? I tried the following but
does not work...
nobody = MYDOMAIN\*
Can I use variable substitution? I would like to do something like this:
%U = TEST1\%U
nobody = MYDOMAIN\%U
Francisco Lozano - EMBL (Heidelberg)
More information about the samba