[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anyone familiar with using samba as PDC with LDAP ?



It's a known and badly designed attempt at security by Sun, and has nothing
to do with LDAP or Samba. 'sides, I never tried to login as root from the
remote machine.

Thanks anyway.

Oded

--
Everyone is alone, it's just easier to suffer it in a relationship.
      -- Fishizm.


----- Original Message -----
From: "Hava Lester" <hava18@hadassah.org.il>
To: "Oded Arbel" <oded@geek.co.il>
Cc: "Linux-IL Mailing list" <linux-il@cs.huji.ac.il>
Sent: Tuesday, November 06, 2001 10:18 AM
Subject: Re: Anyone familiar with using samba as PDC with LDAP ?


>
> This isn't an answer, but might provide a clue.
> I had something similar once in Solaris NIS+. su root on a client made you
into 'nobody'.
>
> http://www.linuxdoc.org/LDP/nag/node144.html :
> "root squash:
>        This is a security feature that denies the super user on the
specified hosts any special
> access rights by mapping requests from uid 0 on the client to uid 65534
(-2) on the server. This uid
> should be associated with the user nobody. "
>
> Hava
>
>
> Oded Arbel wrote:
> >
> > I have no idea why the clients try to authenticate as "noody" (and I do
not
> > think there is a setting for that in smb.conf) it does not make sense to
me.
> >
> > Oded
> >
> > --
> > Geoffrey : "I have a feeling this is going to be the beginning of a
> > beautiful hatred."
> >  -- from "The Two Mrs. Carrolls"
> >
> > ----- Original Message -----
> > From: "guy keren" <choo@actcom.co.il>
> > To: "Oded Arbel" <oded@geek.co.il>
> > Cc: "Linux-IL Mailing list" <linux-il@cs.huji.ac.il>
> > Sent: Tuesday, November 06, 2001 2:50 AM
> > Subject: Re: Anyone familiar with using samba as PDC with LDAP ?
> >
> > >
> > > out of this mess, let me ask a naive question - why do the clients try
to
> > > authenticate as user 'nobody' ? ofcourse the passwords they supply are
> > > invalid for this user - unless you set up some password for 'nobody'
> > > (naah, i don't think you'd do such a thing).
> > >
> > > did you perhaps somehow tell samba to treat these users as user
'nobody',
> > > when accessing the server (i recall there's such an option in samba's
> > > configuration) ?
> > >
> > > guy
>
>
> --
> ************************************************************************
> Hava Lester, PhD hava18@hadassah.org.il   +972 (0)2 677 7148
>   home: hava18@netvision.net.il   +972 (0)2 567 0778
> Dept Nuclear Medicine, Hadassah Hospital, Ein Kerem, Jerusalem, Israel
>


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il