Web lists-archives.com

Re: [Samba] [samba] file server: %U or %u?

On Thu, 31 Aug 2017 16:44:56 +0200
mathias dufresne <infractory@xxxxxxxxx> wrote:

> 2017-08-31 16:34 GMT+02:00 Rowland Penny via samba
> <samba@xxxxxxxxxxxxxxx>:
> > On Thu, 31 Aug 2017 16:27:12 +0200
> > mathias dufresne <infractory@xxxxxxxxx> wrote:
> >
> > > PS: the short way to explain %u is adding domain/workgroup to
> > > username is the fact we are using trust relationship?
> > >
> >
> > Probably, what you have to get your head around is this:
> >
> > The users 'fred', 'DOMAINA\fred' and 'DOMAINB\fred' are all
> > different users. Winbind will report them as such.
> >
> I expect that using "winbind use default domain = yes" DOMAINA\fred
> could be same user as DOMAINB\fred as they both should be named
> "fred", they both should be the first "fred" of the list retrieved by
> "getent passwd" when enumeration is permitted.

Well, yes but no ;-)

Lets put it this way, user 'DOMAINA\fred' could be 'Fred Flintstone'
and user 'DOMAINB\fred' could be 'Fred Bloggs', they have the same
samaccountname (in different domains), but are actually different
people. If you use 'winbind use default domain = yes' they will become
the same 'fred'. Fred Flintstone is the boss and as such needs to see
everything, Fred Bloggs is employed to sweep the floor, do you really
want Mr Bloggs to see all of the bosses files ?


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba