Linux, Windows AD domain, and IDs

[Dan Ritter]

On Fri, Dec 03, 2010 at 06:23:46PM -0500, Scott Ehrlich wrote:
> You have a CentOS (for example) workstation that is a member of a
> Windows AD domain courtesy of modified smb.conf and krb5.conf files.
> There are, thus, no local user accounts on the linux workstation.
> 
> There is a network application that benefits most (maybe even
> requires) the user's employee ID as their linux workstation uid.
> 
> Thus, if I log in, my domain username might be scott12.   My employee
> ID might be se123456.    If I log into the linux workstation, I'm
> going to log in as scott12 along with providing my password.    I type
> id at the shell, and am given something like 100001 (scott12) for the
> user.    How can I manage to make the id [also] equal to se123456 for
> user scott12 without breaking anything?
> 
> Or, if not possible, is there any other option other than to create a
> local account as se123456 and likely migrate the user's world to that
> new local account?  I'd rather not.
> 
> Thanks for any leads.

I don't think I understand your problem entirely, but does it
help if I mention that your username is not your userid, and you
can have multiple accounts with the same numeric userid (and
thus the same permissions) but with different usernames?

i.e.:

username:x:1024:65534:useless name:/home/username:/bin/sh
otherguy:x:1024:65534:other guy:/home/username:/bin/sh

are the same userid, and have precisely the same permissions.


-dsr-



-- 
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.
You can't defend freedom by getting rid of it.