[Samba] same username in /etc/passwd and in AD

[Andreas Habel]

Hi,

we are currently in the process of testing a Samba AD setup and have identified some "challenges" regarding user accounts in /etc/passwd and in AD.

Let me explain today's situation. Today we use a Linux file server that serves for both Linux and Windows clients and that acts as a NT4 PDC. The client computers are dual boot Linux/Win 7. Under Linux, /etc/passwd, /etc/group and /etc/shadow are rsynced from a central server to all other Linux servers and clients in our network. The home folders for Linux users are mapped nfs shares that physically reside on the Linux file server (that also is our PDC). Windows users map their smb shares from the same server. Under Linux we have an application that relies on that users of this application exist in /etc/passwd. We use the same username/password for both the Windows domain and under Linux.

Now, with the move to Samba AD, I read several places in the wiki and on this list that we can't have the same username in local /etc/passwd and in AD, but I haven't seen an explanation why this might not be a good idea. In our world, we have the same /etc/passwd on all Linux clients and servers, and we have control over user and group IDs so that they would be identical in /etc/passwd and in AD for a given user.

I would therefore like to have
-       an AD DC,
-       a Linux file server as domain member, but with /etc/passwd that has the same usernames as in AD,
-       Windows clients (domain members),
-       Linux clients (not domain members, but with identical /etc/passwd like on file server and in AD).

So let me know what I'm missing or what I have not understood.

Best regards,
Andreas


--
Andreas Habel
Petroleum engineering lab
Geosciences | Unix network
Faculty of Science and Technology
University of Stavanger
Norway

Phone: +47-51 83 22 93