Gerald (Jerry) Carter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Greg Adams wrote: | I'm sorry, I still don't quite follow you. | | I have "security = ads", and, as far as I can tell, | a working kerberos installation, so that means I'm | using kerberos authentication, right?
Correct.
| From the messages above, that means samba should | be honoring the domain portion of entries in the | username map, which it is not doing. Or am I | using NTLM authentication for some weird reason?
smbd should be honoring entries like
jerry = AD\gcarter
You can check a level 10 smbd debug log to verify that the krb5 SNPEGO login is working.
I'll work on getting the NTLM/username map functionality fixed.
Jerry,
Are you saying that username will be sent differently depending on the protocol Samba and ADS agree to? And that if it's Kerberos, the name will be <Domain name>\<username> even if 'winbind separator = +' in smb.conf?
Thanks, Igor
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
