[Samba] Avoiding uid conflicts between rfc2307 user/groups and computers
rpenny at samba.org
Mon Jan 15 10:19:26 UTC 2018
On Mon, 15 Jan 2018 10:51:54 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
> > I am not disputing what you say, I am just asking for concrete proof
> > that a computer account MUST have a uidNumber account.
> Rowland, it is not (only) a matter of authentication, it is a matter
> of 'act' with machine account.
> I've digged a bit but found nothing than (i use WPKG as deployment
> system, it is only an example):
> probably was some old thread in mailing list; anyway, SYSTEM user can
> act (eg, access shares) with the machine account credentials; AFAIK
> accessing as SYSTEM to a share will trigger an access with machine
> account, and as fallback as anonymous/Everyone.
> So, if you mean that machine account can auth without UID, it is
> right; if they need access (non anonymous) to some share, i suppose a
> UID is needed.
> I hope i was clear.
You are clear in what you say, but I still do not think you need the ID
numbers for computers, 'SYSTEM' does not exist on a Unix machine.
More information about the samba