[Samba] Prewin2kname with samba
Arvind Deshpande
pilyad at gmail.com
Wed Jul 25 17:50:50 GMT 2007
This is the code which is returning the uSAMAccountName which is pre-win2k
name of the user.
char *ads_pull_username(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
LDAPMessage *msg)
{
#if 0 /* JERRY */
char *ret, *p;
/* lookup_name() only works on the sAMAccountName to
returning the username portion of userPrincipalName
breaks winbindd_getpwnam() */
ret = ads_pull_string(ads, mem_ctx, msg, "userPrincipalName");
if (ret && (p = strchr_m(ret, '@'))) {
*p = 0;
return ret;
}
#endif
return ads_pull_string(ads, mem_ctx, msg, "sAMAccountName");
}
On 7/24/07, Arvind Deshpande <pilyad at gmail.com> wrote:
>
> Actually in this case userPrincipalName and sAMAccountname are different.
> Is it possible that Samba only displays the sAMAccountname?
> Also if those differ, is it possible that Samba will have problem
> authenticating against AD using win2k name of the user?
> On current version of samba that's whats happening.
> Issue is when win2k and pre-win2k names are different Samba is unable to
> authenticate the user ( when you try DOMAIN\win2kname )
> DOMAIN\pre-win2k user is authenticated but not found in valid users list
> and hence will be denied access to the share.
>
> In effect when win2k and pre-win2k names differ user can not mount the
> share using DOMAIn\win2k or DOMAIN\pre-win2k names.
> :-(
>
> On 7/24/07, Gerald (Jerry) Carter <jerry at samba.org<https://mail.google.com/mail?view=cm&tf=0&to=jerry@samba.org>>
> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Felipe Augusto van de Wiel wrote:
> > > Imagining that Samba3 is not as good as Samba4 with AD
> > > and that Samba3 gives preference to NT4-style domains, probably
> > > it is using the pre-win2k names. If you create a user without
> > > "all the options that AD gives" what happens?
> >
> > It actually has more to do with name canonicalization
> > that any missing features.
> >
> >
> >
> >
> >
> > cheers, jerry
> > =====================================================================
> > Samba ------- http://www.samba.org
> > Centeris ----------- http://www.centeris.com
> > "What man is a man who does not make the world better?" --Balian
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.2.2 (Darwin)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFGphPRIR7qMdg1EfYRAl4gAJ4qtrmaHy5kcE/MnrILosqHhFpE0QCbBulr
> > BVMz2GFD5ESxLNN28ZpCJkM=
> > =6QBF
> > -----END PGP SIGNATURE-----
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
> >
>
>
More information about the samba
mailing list