[Samba] Authenticating users in domain
Simo
idra at samba.org
Wed Dec 28 11:46:52 GMT 2005
On Wed, 2005-12-28 at 12:33 +0100, Mariusz Kruk wrote:
> I know samba server can work in NT Domain evironment but I would like to
> make something a little more complicated if this is possible.
>
> I have two networks, let's say 192.168.1.0/24 and 192.168.2.0/24
> There is no routing between these networks! (and that's a very important
> requirement).
> In 192.168.1.0 network I have a domain (let's call it DOMAIN).
> In 192.168.2.0 network I have hosts in a workgroup (let's call it
> WORKGROUP).
> I to have a host with two network interfaces plugged into both these
> networks.
> This host is a member of DOMAIN, I can authenticate local users (not
> samba users) with winbind, everything works great. I can run samba as a
> domain member, and this also works. But I would like to run samba on
> 192.168.2.0 plugged interface as a member of WORKGROUP. But I would like
> to authenticate users in DOMAIN. Is it possible? (i mean, user from
> 192.168.2.0 network browses WORKGROUP, finds my host tries to connect to
> share, is asked for a user/password pair; these credentials are then
> used to authenticate the user in DOMAIN as DOMAIN\user with the provided
> password)
You can do the following hack.
Compile a new samba server in another path and configure it with
security = server then tell it to pass authentication over to a password
server which is the controller of the DOMAIN.
That may work.
Simo.
--
Simo Sorce - idra at samba.org
Samba Team - http://www.samba.org
Italian Site - http://samba.xsec.it
More information about the samba
mailing list