[CentOS] samba3x PDC and Win XP

Thu Aug 2 00:30:38 UTC 2012
Paul R. Ganci <ganci at nurdog.com>

On 08/01/2012 09:13 AM, Andreas Rogge wrote:
> Am 01.08.2012 09:39, schrieb Paul R. Ganci:
>> anybody have a clue as to why %u is not evaluating to the linux username
>> snichols and is getting treated simply as the string %u?
> The stage at which %u needs to be evaluated in this case is before the
> user authentication happens.
> You have to use %U instead of %u - this is not a security issue as
> having the wrong UNC path should (and probably will) be caught using ACLs.
Thank you so much for this bit of information. I have spent 3 days on 
this issue and now realize I was searching the web with the wrong 
question. As soon as I asked for the difference between %U and %u 
everything becomes clear. Apparently the use of %u as I have been using 
it for the last 5 years was deprecated and apparently with samba3x stops 
working altogether.

The documentation is not very clear about the difference between %u and 
%U. The best I could find is that %u evaluates to the Linux username and 
that %U evaluates to (in my case) the Win XP client username. These do 
not necessarily have to be the same. Therefore I always used the %u 
version believing I was trusting the Linux. Besides out of the box the 
smb.conf uses %u as I did. Live and learn I suppose.

I haven't fixed my configuration yet but from what I just learned today 
this solution is what I was searching for the last three days. Again 
thank you very much for the information.

-- 
Paul (ganci at nurdog.com)