Actually in this case userPrincipalName and sAMAccountname are different. Is it possible that Samba only displays the sAMAccountname? Also if those differ, is it possible that Samba will have problem authenticating against AD using win2k name of the user? On current version of samba that's whats happening. Issue is when win2k and pre-win2k names are different Samba is unable to authenticate the user ( when you try DOMAIN\win2kname ) DOMAIN\pre-win2k user is authenticated but not found in valid users list and hence will be denied access to the share.
In effect when win2k and pre-win2k names differ user can not mount the share using DOMAIn\win2k or DOMAIN\pre-win2k names. :-( On 7/24/07, Gerald (Jerry) Carter <[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Felipe Augusto van de Wiel wrote: > Imagining that Samba3 is not as good as Samba4 with AD > and that Samba3 gives preference to NT4-style domains, probably > it is using the pre-win2k names. If you create a user without > "all the options that AD gives" what happens? It actually has more to do with name canonicalization that any missing features. cheers, jerry ===================================================================== Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGphPRIR7qMdg1EfYRAl4gAJ4qtrmaHy5kcE/MnrILosqHhFpE0QCbBulr BVMz2GFD5ESxLNN28ZpCJkM= =6QBF -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
