Is it possible to change a users ID once they have logged in. What I am thinking is this;

User logs in with one identity, and then once authenticated, has the identity of a different user.

I would be looking for a by user mapping, ie

user_1 ---> paul
user_2 ---> susan

This sounds like an odd request, but I am trying to avoid renaming a lot of user accounts across multiple servers.

Thanks in anticipation.

no, that's not going to happen. maybe you would bebefit from sudo to allow one user to run things as another? If not maybe a much more detailed description of your scenario would help.. e.g. where are these users held? ldap? nis? why do their uid's matter?

What do you mean by "identity"? The username or the uid? That is the first or the third field of /etc/passwd?

The requirement is that I log in with one username (Domain Username), and this is then mapped to another username (Login Username) once authenticated.

The original user name, which is authenticated, is authenticated against AD on a Windows PDC using Samba.

Once logged in though there are various reqts for the username to change;

- The users already have home directories based on different usernames, it would be nice to use these as they are instead of having to create links, or renaming them.

- There are scripts that use the username to access other servers where the username needs to be the 'mapped to' name.

For example,
I log onto a Linux box with my domain username, and am authenticated with that. I then run scripts that access CVS on another box, but the script uses my Linux username. I am trying to avoid a widespread change of all user names across multiple servers, at least in the short term.

I have tried the username map facility in smb.conf, but this does not seem to work, as it always wants the home directory based on the Domain username. This solution does otherwise look to be pretty much what I want.

I hope that is a little clearer.

This thread seems to have fallen quiet.

I believe the username map facility in Samba should be able to do what I want, but I cannot make this work. Can anyone suggest a way to 'debug' that functionality?

Does anybody have a checklist of things I would need to have done to get 'username map' to work?

Many thanks in anticipation

If you question is about "the username map facility in Samba", you may get more answers if you start a new thread with that in the subject.

I have created another thread here asking a more direct question, but the moderators closed it saying it was a duplicate.

I am really struggling with this, as I have had little positive feedback. Maybe I am asking the wrong questions, I don't know.

So maybe I should consider if username map is really what I want...

1) If I have username map bloggsf --> fredb, where bloggsf is the AD domain login name, and fredb is the linux box name, then should I expect once I have authenticated as bloggsf, that the home directory will be that for fredb?

2) If I subsequently type whoami, will it report back with fredb (the Linux user name), or bloggsf (the AD domain user name)?

Many thanks in anticipation.

Sudo command was a good idea.


Also I am not sure but it may be possible to insert a line in the .bashrc of "bloggsf" user to sudo to "fredb" and get access to "fredb" home directory. The /etc/sudoers file needs to be modified.

Also, I guess all non-root users have equal privileges so configuring sudoers file won't be a big hassle.

GIYF.

I would agree sudo is one solution, and may actually be THE solution.

I can't get away from the fact that the username map option in smb.conf does just what I want, or at least from what I have read. The problem is, I don't seem to get any answers as to how it works, or might work. That makes me feel that it is not the right thing to do.