[Samba] Use windbind to keep same passwords between NT4 DOM and
linux email?
Buchan Milne
bgmilne at cae.co.za
Mon Jun 3 06:01:03 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sorry if you already got a reply, I'm in digest ...
| Message: 2
| From: <2snows at mailandnews.com>
| To: <samba at lists.samba.org>
| Date: Sat, 1 Jun 2002 10:32:25 -0600
| Subject: [Samba] Use windbind to keep same passwords between NT4 DOM
and linux email?
|
| Hello--
|
| I'm working my way through setting up an email server for faculty and
staff
| use at the school my wife teaches at, and while not a Linux whiz, am
making
| good progress so far. The school has a NT 4 server which is used for
domain
| authentication, and I am trying to grapple with whether I can achieve the
| "holly grail" of synchronized passwords between the email server on Linux
| and the NT server.
|
| Looking at using winbind it appears that there are two potential issues:
| 1. The usernames from Linux perspective will be DOM+USERNAME. I could get
| around half the problem this presents with email aliases, but users will
| have to learn to log in using this format.
Samba-2.2.4 allows the use of the "default domain" parameter (I think
that's what it's called) for winbind, so you would only need username
instead of DOM+username.
|
| 2. Home directories. This is something that I was not quite clear on from
| the docs. They say:
|
| =================================
| template homedir
| When filling out the user information for a Windows NT user, the winbindd
| daemon uses this parameter to fill in the home directory for that user. If
| the string %D is present it is substituted with the user's Windows NT
| domain name. If the string %U is present it is substituted with the user's
| Windows NT user name.Default: template homedir = /home/%D/%U
|
| template shell
| When filling out the user information for a Windows NT user, the winbindd
| daemon uses this parameter to fill in the shell for that user.Default:
| template shell = /bin/false
| =================================
|
| Is an actual home directory built for the user (in which I could store
| email), or is it just an shell that is created on a temporary basis?
Winbind does not make homedirs for you, this just tells it what to set
the home directory as (as you would see it in the passwd file, for
example). However, you can have pam_mkhomedir do this for you, just
remember to make the parent directories (pam_mkhomedir only makes one
directory, ie effectively does not use -p with mkdir).
|
| Those are the issues I can see from here; maybe the list will see
more. I'm
| planning on using qmail + courier-imap + squirrelmail and have a test
setup
| working of these on another machine.
|
IMHO, Mandrake 8.2 + samba-2.2.4 RPMs for Mandrake 8.2 on samba's ftp
mirrors would be the easiest, since it sets up everything you need to
get this working, except your entries in smb.conf.
Otherwise, there are some examples (including pam files) at
http://mandrakeuser.org/connect/csamba5.html#winbind (although they now
make it look more difficult than it is on mandrake 8.2 ... ).
- --
|----------------Registered Linux User #182071-----------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE8+2eMrJK6UGDSBKcRAtimAJwO2HwIx5oC5cpCu7VCeRNr/C88UwCgl31K
mx3tK/OXOccLLuQ/sUwllIo=
=fagW
-----END PGP SIGNATURE-----
More information about the samba
mailing list