Samba PDC as a password server

Luke Kenneth Casson Leighton lkcl at
Tue Apr 28 16:16:36 GMT 1998

On Wed, 29 Apr 1998, Gerald Carter wrote:

> I finally got around to testing this out and thought everyone would find
> the results fairly interesting ( as well as their implications ).
> Some basic testing between a Samba 1.9.18p4 and and Samba PDC indicates
> that **it is possible** to use a Samba PDC as a password server for
> other samba servers :)
> I tested this by setting
> 	security = server
> 	password server = (ip address of server1)

ah.  you have to watch out for this "password server" specifies the
NetBIOS name of the server to connect to.  the NetBIOS session setup only
works [if you specify the ip address] because samba unconditionally
accepts NetBIOS connections with any called name: it's the only NetBIOS
server allowed to run on an ip address.

if you specify password server = ip.address.of.ntsrv then this will fail
unless the netbios name of the nt server is its own ip address.

> what does this exactly imply.  Well there should be no need to
> distribute the smbpasswd to remote servers using rdist or anything
> else.

this is _really_ good to know.  also, gerald, jeremy is working on
"security = domain".  this will do an LsaSamLogon with type "network"
login to the password server, instead of an SMBnegprot/SMBsessetupX in
pass-through mode.

in other words, samba servers will be able to be members of a samba


More information about the samba-ntdom mailing list