[Samba] libpam-winbind mkhomedir

Rowland penny rpenny at samba.org
Tue Jun 1 20:40:25 UTC 2021

On 01/06/2021 21:31, Andrew Walker wrote:
> On Tue, Jun 1, 2021 at 3:53 AM Rowland penny via samba 
> <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote:
>     This doesn't affect Linux unless your computers gain a uidNumber
>     and congratulations, you appear to have found
>     a bug.
> I believe RID backend, which is being used here, can provide idmapping 
> for computer accounts, since it just algorithmically maps IDs to SIDs. 
> This can be helpful in some situations IIRC where Windows may attempt 
> to authenticate to the samba server using its machine account rather 
> than the account of the currently logged in user. I believe some 
> backup software does this.

I found this out, I had never thought to run 'getent passwd' with a 
computer name, but when I tried it using the 'rid' backend, it worked. 
In my opinion it shouldn't, but if it has to, it shouldn't show the 
computers primary group as Domain Users.


More information about the samba mailing list