Marc Lanctot wrote:> Hello,
(oops, I should not have deleted that first paragraph).
Basically, I just got a Linux machine to authenticate over via Active
Directory Windows 2003 Domain Controller.
> Now, I'm faced with a problem: I need to be able to login using the
same
> username that I bind against using ldapsearch, and not the
> sAMAccountName given to me via winbind.
>
> ie. to login using one of my AD usernames right now, I issue:
>
> su - ADSDOMAIN+username1
>
> but the binddn I use to search the ldap directory is, say, username2:
>
> ldapsearch -x -W -D"username2" samaccountname=bla
>
> I'd like to be able to do:
>
> su - ADSDOMAIN+username2
>
> and for winbind to recognize username1 and username2 as the same user
> account, and authenticate over the Active Directory server using
> username1. Then, I can have a list of the username mappings in a file,
> or obtain them via LDAP.
>
> I've searched around and couldn't find anything (the username map
field
> in smb.conf seems to be for something else).. and what comes to mind is
> Apache's URL rewriting: I need something similar to this but for
usernames.
>
> Is this possible via Samba/Winbind? If not, is there a way I can do it
> through PAM?
>
> Any help is appreicated, thanks.
>
> Marc
>
>
--
"You must cut down the largest tree in the forest ... with ... a
herring!!"
-- Monty Python