Authentifikation with NT4/2000

[Haugg, Franz]

Hello,

this is my first writing contact to this list group.

System:   Windows NT4 Domain
               SuSE Linux 7.0
               Samba 2.0.7

1.) I want the samba server act as near as possible to an Windows BDC.
User Accounts only at Win PDC.
Group security only at Win PDC
Transfer to linux/samba as necessary, without manual administration.

Till now this parts are working O.K.:

  -  workgroup = MYDOMAIN
  - security = DOMAIN
  - encrypt password = Yes
  - password server = MYSRV01 MYSRV02 MYSRV03
  - add user script = /usr/sbin/useradd %u -g smbusers
  - delete user script = /usr/sbin/userdel %u

With this setting, all automatic created users are in primary group
sbmusers.
Now I want to implement a finer granularity for SMB-shares, based on groups
of
Windows PDC (smblevel1, smblevel2, smblevel3, ... ) only.

[pub]
  path = /smb/pub
  valid users = @smbusers     O.K.
  ....

[smblevel1]
  path = /smb/smblevel1
  valid users = @smblevel1    !!! Samba doesn't accept this group from
Windows PDC !!!
  ....

Is this design impossible for samba 2.0.7, or did I make a mistake ?

2.) I read about the problem with w2k domain with even/odd domain name.
     In the real world it is impossible to change an domain name cause of a
failure
     in authetification protocoll between win2k and samba !

     Is something around like a new version of samba or a fix for w2k in the
near future ?

Many Thanks

Franz Haugg
m quadrat Consulting
CH - Basel