Samba PDC as a password server

Gerald Carter cartegw at Eng.Auburn.EDU
Tue Apr 28 16:52:28 GMT 1998

Luke Kenneth Casson Leighton wrote:
> > I tested this by setting
> >
> >       security = server
> >       password server = (ip address of server1)
> ah.  you have to watch out for this "password server" specifies the
> NetBIOS name of the server to connect to.  the NetBIOS session setup 
> only works [if you specify the ip address] because samba 
> unconditionally accepts NetBIOS connections with any called name: it's 
> the only NetBIOS server allowed to run on an ip address.

Yup.  I was working off of vague memories of the docs.  You are
correct.  I just set the "password server = NetBIOS_name_of_Samba_pdc"
and things resolved correctly.  The validation still worked.

> if you specify password server = ip.address.of.ntsrv then this will 
> fail unless the netbios name of the nt server is its own ip address.

But because Samba will accept an IP address in the sessions setup it
does work?  Is that what you were saying previsouly?  If the password
server was a NT box, then it would reject the sessions setup because it
was expecting a NetBIOS name for the request.  Correct?

> this is _really_ good to know.  also, gerald, jeremy is working on
> "security = domain".  this will do an LsaSamLogon with type "network"
> login to the password server, instead of an SMBnegprot/SMBsessetupX in
> pass-through mode.
> in other words, samba servers will be able to be members of a samba
> domain.

Cool! :)

                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at   

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list