[Samba] Avoiding uid conflicts between rfc2307 user/groups and computers
Marco Gaiarin
gaio at sv.lnf.it
Mon Jan 15 12:02:53 UTC 2018
Mandi! Rowland Penny via samba
In chel di` si favelave...
> You are clear in what you say, but I still do not think you need the ID
> numbers for computers, 'SYSTEM' does not exist on a Unix machine.
It is not the SYSTEM user (that is a local user to the workstation, so
clearly does not exist on the domain).
But still windows workstation, when accessing some shares with the
SYSTEM user, try to logon with the machine account.
So, suppose i have a computer called KAIN, i spawn a cmd shell in
SYSTEM context and then i try to write to \\my_server\share\text.txt;
workstation at a fist glance, try to acess using KAIN$ account, and if
fail, do a guest access.
If KAIN$ account have no UID (and 'Domain Computers' have no GID),
clearly share acess fail.
I hope i was clear now.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list