Re: [samba] Вопрос по рабо те команды wbinfo -u

Системный администратор kuzmich на rrnn.ru
Вт Мар 29 16:35:43 MSD 2005 

----- Original Message ----- 
From: "Alexander Bokovoy" <ab на altlinux.org>
To: "List about Samba usage and development" <samba на altlinux.ru>
Sent: Tuesday, March 29, 2005 2:32 PM
Subject: Re: [samba] Вопрос по рабо те команды wbinfo -u
> > 3.0.4 Между 3.0.4 и 3.0.13 (в частности, 3.0.9-3.0.11) произошли 
> > серьезные изменения, в том числе и в этом аспекте.
Вроде всё облазил - но, увы, касательно этого вопроса ничего не нашёл.
Может ткнёте носом?

2003-09-11 19:52  jerry

        * source/passdb/: passdb.c, pdb_ldap.c: remove getpwnam() calls
        from init_sam_from_xxx().  This means that %u & %g will no longer
        expand, but %U and %G still do.  The payback is that winbindd local
        accounts for users work with 'wbinfo -u' when winbind is running on
        a PDC.

1.
Change in Winbindd Behavior
---------------------------
All usernames returned by winbindd are now converted to lower
case for better consistency.  This means any winbind installation
relying on the winbind username will need to rename existing
directories and/or files based on the username (%u and %U) to lower
case (e.g. mv $name `echo $name | tr '[A-Z]' '[a-z]'`).  This may
include mail spool files, home directories, valid user lines in
smb.conf, etc....

2.
Changes since 3.0.6
smb.conf changes
Parameter Name                      Action
--------------                      ------
winbind enable local accounts       disabled by default

* Only use sAMAccountName and not userPrincipalName when looking up a 
username in AD since the breaks winbindd (lookup_name() only works with the 
sAMAccountName).
* Disable 'winbind enable local accounts' by default.
* Re-enable code to allow sid_to_gid() to perform a group mapping lookup 
before checking with winbindd.
* Allow winbindd to use domain trust account passwords when running on a 
Samba DC to establish an schannel to remote domains.
* Allow winbindd to handle authentication requests only when started without 
either an 'idmap uid' or 'idmap gid' range.

С уважением,
Овечкин Влад.

Подробная информация о списке рассылки Samba