On Thu, 2006-07-20 at 11:35 -0500, Gerald (Jerry) Carter wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Volker, > > Assume I have a member server named LINUX joined to a > domain name AD. Now assume I have a local user named foo > in my passdb and a user named foo in the domain as well. > I'm modifying winbindd_util.c:parse_domain_user() to do > a lookup_name() to try to figure out which domain to prepend > to the username rather than just assuming its a domain user. > But this means that we'll always choose the local user > (due to the order of an isolated search in lookup_name()). > > The main problem is the use default domain abomination > will confuse local and domain users of the same name and > possibly return incorrect group membership. > > I am about a 1/2 inch from marking the smb.conf option > as deprecated and adding similar option to pam_winbind.conf. > This option just cannot work reliably. > > Do you have any suggestions?
I would just document that local users will always take precendence. Winbind use default domain is too valuable to be removed imho. Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
