Must a Samba PDC use encrypted passwords?
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Wed Jun 10 17:45:36 GMT 1998
On Wed, 10 Jun 1998, CAE Samba Admin wrote:
> > > Well, this is fine and dandy if you are migrating from having
> > > people connect to non-PDC samba box towards a PDC, but when you are
> > > starting out in an homogeneous NT enviornment never having had samba
> > > running for other than test purposes, this is rather pointless as a user
> > > won't be able to sit down at an NT box and type in there username and
> > > password to login without having *first* been in the smbpasswd file.
> > ok, then under _these_ circumstances, in a pre-existing NT network, you
> > want to use the PWDUMP utility (by jeremy allison) or its NT server admin
> > / resource kit equivalent (don't know exactly where this is).
> True we are going from an existing NT network, but we aren't
> looking to relace NT. The samba server is on the machine with the campus
> wide user database, so we aren't really migrating from NT either. We're
> starting from ground zero, and unfortunately there doesn't seem to be any
> clean method to get all the users from the unix passwd database into the
> smbpasswd file.
ok, then another alternative is to use "security = server" or better,
"security = domain". this will allow you to verify your users against an
nt or samba pdc, selected with "password server = some_domain_controller".
use the netbios name not the ip address for this option.
yes, you are right: there is no clean way (yet) to get NT SAM information
into a private/smbpasswd file: you would have to copy via some
intermediate secure media.
More information about the samba-ntdom