[Samba] allow trusted domains
Andrew Bartlett
abartlet at samba.org
Sat Mar 3 02:43:42 MST 2012
On Mon, 2012-02-27 at 14:07 +0700, Victor Sudakov wrote:
> As written in http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html
>
> "Where winbindd is not used Samba (smbd) uses the underlying
> UNIX/Linux mechanisms to resolve the identity of incoming network
> traffic. This is done using the LoginID (account name) in the session
> setup request and passing it to the getpwnam() system function call.
> This call is implemented using the name service switch (NSS) mechanism
> on modern UNIX/Linux systems. By saying "users and groups are local,"
> we are implying that they are stored only on the local system, in the
> /etc/passwd and /etc/group respectively.
>
> For example, when the user BERYLIUM\WambatW tries to open a connection
> to a Samba server the incoming SessionSetupAndX request will make a
> system call to look up the user WambatW in the /etc/passwd file. "
>
> My question: if BERYLIUM trusts ANOTHERDOMAIN, and
> ANOTHERDOMAIN\WambatW tries to open a connection to my Samba server,
> what user will be looked up in /etc/passwd?
It should be:
ANOTHERDOMAIN\WambatW
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list