NT4.0 PDC and Samba help

Ryan Koski Ryan at US.Distribution.com
Mon Aug 17 20:16:33 GMT 1998


I beat you to this point. :-)  See the copied message from Mr. Carter

On Fri, 14 Aug 1998, Ryan Koski wrote:
	> Maybe I'm misunderstanding how SAMBA/NTDOM is supposed to
work.  Is it
	> supposed to be possible to get a SAMBA server to get ALL of
it's auth
	> info from an NT PDC without having to administer user accounts
on the
	> SAMBA server whatsoever?  Or do I need to have user accounts
on the
	> SAMBA server for each of my NT domain users?

Sorry.  I didn't catch this the first time around.  Current you have to
put user's in /etc/passwd on the unix box.  You can set * for the
password and give them and invalid shell as well.  The entries in
/etc/passwd are not for validation but rather obtaining a uid for the
In the future, samba will be able to create these NT RID <-> Unix uid
mapping automatically, but for the moment, the user **must** have any
entry in /etc/passwd.
Does that explain things?  I will document this in the NTDOM FAQ in the
next day or so.

	Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University

jerry at eng.auburn.edu <mailto:jerry at eng.auburn.edu>

	"...a hundred billion castaways looking for a home."
	- Sting "Message in a Bottle" ( 1979 )

Ryan Koski
Management Information Systems

		-----Original Message-----
		From:	Akira Matsuno [mailto:matsaki at statcan.ca]
		Sent:	Monday, August 17, 1998 1:15 PM
		To:	Multiple recipients of list
		Subject:	NT4.0 PDC and Samba help

		After reading the documentation and faq regarding
ntdomain, I'm still
		lost and don't know where to turn.  

		I wanted to do the following:

		1. Install Samba on my unix box, and let it join my NT
Domain as a 
		file server.  
		2. Allow my NT 4.0 Workstation clients connect to
private shares created
		on the Samba server.

		- I was able to install Samba with no problems.
		- I was able to join the Samba server into my NT Domain
with no problems
		(I see DOMAIN.SERVERNAME.mac file in the private
		- I run testparm to check for errors , and it tests
		- I can connect public shares with no problems... this
works fine.

		- I cannot however get my private shares connected with
valid NT domain
		accounts. (akirasvr is a valid domain account) NT comes
back and says
		"Incorrect password or unknown username for

		I read somewhere in the archive that I don't need to
create accounts on
		the unix side of things...  Is this true?   Has anyone
got this to work
		without creating the accounts on the unix side? 

		If anyone can help me out here, I'd greatly appreciate
it.. I'm new to
		both Unix and Samba, but am very familiar with

		Btw..My smb.conf file looks like this:
		workgroup = IMAD
		guest account = nobody
		security = domain
		password server = imad1
		encrypt passwords = yes
		domain master = no
		wins server =
		interfaces =
		dns proxy = no

		comment = Akira's Private Directory
		path = /usr/users/matsaki
		writable = yes
		valid users = akirasvr
		public = no
		guest ok = no

		comment = IMAPS1 Apps Share
		path = /usr/samba/samba1/apps
		public = yes
		read only = no

More information about the samba-ntdom mailing list