[Samba] [samba] file server: %U or %u?
Rowland Penny
rpenny at samba.org
Thu Aug 31 15:01:49 UTC 2017
On Thu, 31 Aug 2017 16:44:56 +0200
mathias dufresne <infractory at gmail.com> wrote:
> 2017-08-31 16:34 GMT+02:00 Rowland Penny via samba
> <samba at lists.samba.org>:
>
> > On Thu, 31 Aug 2017 16:27:12 +0200
> > mathias dufresne <infractory at gmail.com> wrote:
> >
> > > PS: the short way to explain %u is adding domain/workgroup to
> > > username is the fact we are using trust relationship?
> > >
> >
> > Probably, what you have to get your head around is this:
> >
> > The users 'fred', 'DOMAINA\fred' and 'DOMAINB\fred' are all
> > different users. Winbind will report them as such.
> >
>
> I expect that using "winbind use default domain = yes" DOMAINA\fred
> could be same user as DOMAINB\fred as they both should be named
> "fred", they both should be the first "fred" of the list retrieved by
> "getent passwd" when enumeration is permitted.
>
Well, yes but no ;-)
Lets put it this way, user 'DOMAINA\fred' could be 'Fred Flintstone'
and user 'DOMAINB\fred' could be 'Fred Bloggs', they have the same
samaccountname (in different domains), but are actually different
people. If you use 'winbind use default domain = yes' they will become
the same 'fred'. Fred Flintstone is the boss and as such needs to see
everything, Fred Bloggs is employed to sweep the floor, do you really
want Mr Bloggs to see all of the bosses files ?
Rowland
More information about the samba
mailing list