[Samba] Why isn't "<Domain>\<User>' = to <User> on PDC? Isn't it supposed to be?
Linda Walsh
samba at tlinx.org
Mon Aug 1 05:49:09 MDT 2011
When I access my PDC, via a unix service,
from a Domain client with a domain login,
the PDC attempts to validate <Domain>\<User> against the the
authentication DB, but on a mounted file system,
a user on the PDC = '<domain>\<user>' ... (which is what
I thought it should be).
But if I use 'ssh <Pdc>',
it authenticates as user 'Domain\User'
Now I hacked around this for myself, by adding an entry to the /etc/passwd
that dups my PDC usr, except prefixes it with the Domain name.
in /etc/passwd:
linda:x:1001:201:linda at localhost:/home/me:/bin/bash
Domain\linda:x:1001:201:linda at Domain:/home/me:/bin/bash
---
But that just seems 'wrong'....
Shouldn't pam_winbind, in the pam stack be 'Domain' & PDC aware?
Or would that just be an RFE??
How do others deal with the above issues? Or is something
'handling' them (i.e. doing the mapping?)
----
Note, that
"wbinfo -u"
and
"wbinfo --domain=DOMAIN -u"
return identical lists.
so why isn't pam_winbind treating DOMAIN\USER as USER?
More information about the samba
mailing list