[Samba] Avoiding uid conflicts between rfc2307 user/groups and computers

Marco Gaiarin gaio at sv.lnf.it
Mon Jan 15 12:02:53 UTC 2018

Mandi! Rowland Penny via samba
  In chel di` si favelave...

> You are clear in what you say, but I still do not think you need the ID
> numbers for computers, 'SYSTEM' does not exist on a Unix machine. 

It is not the SYSTEM user (that is a local user to the workstation, so
clearly does not exist on the domain).

But still windows workstation, when accessing some shares with the
SYSTEM user, try to logon with the machine account.

So, suppose i have a computer called KAIN, i spawn a cmd shell in
SYSTEM context and then i try to write to \\my_server\share\text.txt;
workstation at a fist glance, try to acess using KAIN$ account, and if
fail, do a guest access.

If KAIN$ account have no UID (and 'Domain Computers' have no GID),
clearly share acess fail.

I hope i was clear now.

dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list