[Samba] 3.0.20 usermap script execution

Gerald (Jerry) Carter jerry at samba.org
Wed Jan 4 21:13:18 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Montenegro, Michael H (Michael) wrote:
> I have created a mapusers.bash script (listed below) for 
> mapping Active Directory handles to unix logins.  This
> script is currently working as documented.  I would like
> some insight into how and when this script gets called.  I
> assumed that upon establishing each samba connection, after
> the active directory handle gets authenticated with the domain
> controller it passes the domain\handle to this script to
> determine the unix login to use.  However, it seems to
> execute this script multiple times to establish a connection.
> I have tested this out by clearing the cache using nbtstat
> -R on the client and running smbstatus -u username and
> killing the procids then reconnecting.  Samba consistently
> will pass just the active directory handle without the
> domain first which succeeds because my script will find the
> correct unix login to map to without the domain.  Immediately
> after, Samba will pass the script the domain\handle which will
> also succeed. Why is this?

grep for map_username() in the samba source tree.  Everytime
that function get's called, you script will be called assuming
smbd is trying to map a new name.  Samba has to jump through a
lot of hoops when is comes to usernames which is why it
frequently tries to lookup the unqualified name as well as the
fully qualified version.


cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"There's an anonymous coward in all of us."               --anonymous
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDvDpuIR7qMdg1EfYRAsorAJ9jbdCKsGpMvd4XUPIsVtCBy5OYwACgjLlY
fuXBc+g9F2UquvQMsHtGz34=
=CQZ8
-----END PGP SIGNATURE-----


More information about the samba mailing list