Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
no, that's not going to happen. maybe you would bebefit from sudo to allow one user to run things as another? If not maybe a much more detailed description of your scenario would help.. e.g. where are these users held? ldap? nis? why do their uid's matter?
The requirement is that I log in with one username (Domain Username), and this is then mapped to another username (Login Username) once authenticated.
The original user name, which is authenticated, is authenticated against AD on a Windows PDC using Samba.
Once logged in though there are various reqts for the username to change;
- The users already have home directories based on different usernames, it would be nice to use these as they are instead of having to create links, or renaming them.
- There are scripts that use the username to access other servers where the username needs to be the 'mapped to' name.
For example,
I log onto a Linux box with my domain username, and am authenticated with that. I then run scripts that access CVS on another box, but the script uses my Linux username. I am trying to avoid a widespread change of all user names across multiple servers, at least in the short term.
I have tried the username map facility in smb.conf, but this does not seem to work, as it always wants the home directory based on the Domain username. This solution does otherwise look to be pretty much what I want.
I believe the username map facility in Samba should be able to do what I want, but I cannot make this work. Can anyone suggest a way to 'debug' that functionality?
Does anybody have a checklist of things I would need to have done to get 'username map' to work?
I have created another thread here asking a more direct question, but the moderators closed it saying it was a duplicate.
I am really struggling with this, as I have had little positive feedback. Maybe I am asking the wrong questions, I don't know.
So maybe I should consider if username map is really what I want...
1) If I have username map bloggsf --> fredb, where bloggsf is the AD domain login name, and fredb is the linux box name, then should I expect once I have authenticated as bloggsf, that the home directory will be that for fredb?
2) If I subsequently type whoami, will it report back with fredb (the Linux user name), or bloggsf (the AD domain user name)?
Also I am not sure but it may be possible to insert a line in the .bashrc of "bloggsf" user to sudo to "fredb" and get access to "fredb" home directory. The /etc/sudoers file needs to be modified.
Also, I guess all non-root users have equal privileges so configuring sudoers file won't be a big hassle.
I would agree sudo is one solution, and may actually be THE solution.
I can't get away from the fact that the username map option in smb.conf does just what I want, or at least from what I have read. The problem is, I don't seem to get any answers as to how it works, or might work. That makes me feel that it is not the right thing to do.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.