Adam Tauno Williams wrote:
I'm using Samba 3 as a PDC with an Openldap backend and also have a
number of Samba domain member servers that lookup the ldap directory
for
their account information. I use ssh to perform various administration
tasks. There is an account called Administrator in the LDAP directory
that has a UID of 0 . However, after nscd has been started, the next
time i login to one of the member servers using the root account my
username is reported as Administrator and not as root as expected.
This
causes various issues with ssh keys etc..
It only works when you're not running nscd because you're lucky. NSS
will return the first matching entry for a uidnumber={0} lookup.
I would have though that it works because i have 'files' before 'ldap'
in the nsswitch.conf file
It
doesn't really support multiple accounts with the same uidnumber, id
suggest not having a Administration;uidnumber=0 account. Simply map
Administrator = root in Samba if this is the behaviour you want.
I'm not sure how to map Administrator = root. Sounds like a good idea. I
will have to look into this.
I have the following lines in my nsswitch.conf file.
passwd: files ldap
shadow: files ldap
group: files ldap
grepping the output of 'getent passwd' for x:0:
root:x:0:0:root:/root:/bin/bash
Administrator:x:0:5001:Netbios Domain
Administrator:/home/Administrator:/bin/bash
When i stop the nscd service the behaviour of the system returns to
normal.
I apologise if this topic is not directly samba related. However, i'm
sure somebody else must have come accross this behaviour.
nscd is just a dumb cache, you're getting the results of a uidnumber=0
lookup into its cache.
Thanks for your reply
--
Ian Clancy
IT Systems Engineer
Connaught Electronics Ltd.
Dunmore Rd,
Tuam,
Co. Galway,
Ireland.
P : ++353 93 23151
F : ++353 93 23110
E : mailto:[EMAIL PROTECTED]
W : http://www.cel-europe.com
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
