Must a Samba PDC use encrypted passwords?

[Luke Kenneth Casson Leighton]

On Wed, 10 Jun 1998, CAE Samba Admin wrote:

> 
> > > 	Well, this is fine and dandy if you are migrating from having
> > > people connect to non-PDC samba box towards a PDC, but when you are
> > > starting out in an homogeneous NT enviornment never having had samba
> > > running for other than test purposes, this is rather pointless as a user
> > > won't be able to sit down at an NT box and type in there username and
> > > password to login without having *first* been in the smbpasswd file. 
> > 
> > ok, then under _these_ circumstances, in a pre-existing NT network, you
> > want to use the PWDUMP utility (by jeremy allison) or its NT server admin
> > / resource kit equivalent (don't know exactly where this is).
> 
> 	True we are going from an existing NT network, but we aren't
> looking to relace NT.  The samba server is on the machine with the campus
> wide user database, so we aren't really migrating from NT either.  We're
> starting from ground zero, and unfortunately there doesn't seem to be any
> clean method to get all the users from the unix passwd database into the
> smbpasswd file.

ok, then another alternative is to use "security = server" or better,
"security = domain".  this will allow you to verify your users against an
nt or samba pdc, selected with "password server = some_domain_controller".

use the netbios name not the ip address for this option.


yes, you are right: there is no clean way (yet) to get NT SAM information
into a private/smbpasswd file: you would have to copy via some
intermediate secure media.

lukes