NT/Samba-NIS
Geoff Silver <gsilver at winstar.com>
gsilver at winstar.com
Tue Sep 19 13:20:51 GMT 2000
> You should be able to join the linux boxes to the NT-controlled domain,
> which will keep all authentication on the PDC. Account information will
> be handled by NIS.
Yes, we do that for our Samba file servers. The problem is that we must
create user accounts on every machine. NIS will centralize that, but
I need a method to duplicate and sync the NT accounts and groups to
NIS. If an NT admin deletes a user, NIS should automatically update. If
they create a new NT user account or add a user to a group, that info
should also be updated on the NIS master. If Samba could be a stable BDC,
I might not have to write Perl scripts to run on NT, but I'll still need
them on the NIS master/BDC (if it's even possible).
Incidentally, ActiveState's NT Perl binaries SUCK! For instance,
$var1='test';
if ($var1 != "") { print "Var 1 is not null"; }
else { print "Var 1 is null"; }
is sometimes null and sometimes not null. It's absolutely ridiculous -
which is why I'd much prefer to do Perl scripting/synchronization strictly
under Linux with Samba as a BDC than on the NT PDC.
> Make trust accounts for the samba boxes on the PDC, and try "smbpasswd
> -j <domain>" (no guarantees on this one, I have no NT PDC!)
Actually, we use 'smbpasswd -j <domain> -r <PDC>' (the -r might only be
needed on 2.0.5 and earlier), but yes, that does work. But, thanks for
the help.
> Buchan
>
> Geoff Silver wrote:
> >
> > Greetings,
> > I've spent several days going though the list archives, online
> > Samba docs, e-mailing LUGs, and searching Google, and I've come to a
> > sticking point. I'm not a member of this list, but this seemed like the
> > perfect place for this question, since no one else has been able to offer
> > much help. If anyone can help and would be kind enough to include my
> > address in any group replies, that would be extremely appreciated. Here's
> > my scenario:
> > I work for a communications company of about 6000 people near
> > Washington, D.C., USA. In order to save money and move the company away
> > from Windows, I'm working on migrating the file and print servers in the
> > company from NT to Linux & Samba. I've already proven that printing can
> > be done (although the help desk isn't thrilled about visiting workstations
> > to install NT workstation print drivers, they have agreed to do it until
> > Samba 2.2 is released in final).
> > The problem we're encountering is with our file servers. While
> > the Linux servers don't need to allow logins, they do need account
> > information so that we can create home directories and set permissions.
> > I'm leaning towards running an NIS domain parallel to the NT
> > domain. Since Samba will do the authentication off the domain
> > controllers, the NIS domain will just be a centralized user/group
> > mechanism. The problem is how to keep them in sync.
> [snip]
> > I'd certainly appreciate any help anyone can offer. Of course,
> > we're trying to integrate this into a production network, so the solution
> > has to be stable and (hopefully) easy to maintain. Running Samba as the
> > PDC (or trying to use /etc/smbpasswd for authentication) isn't an option.
> > Again, please e-mail me seperately, or include my address in any
> > replies. Thanks for your time and assistance!
> >
> > --
> > Geoff Silver
> > Systems Architect, WinStar Communications
> > gsilver at winstar.com
> > (703) 889-1053
>
>
--
Geoff Silver
Systems Architect, WinStar Communications
gsilver at winstar.com
(703) 889-1053
More information about the samba-ntdom
mailing list