[NTDOM] NISGINA revisited
Gerald W. Carter
cartegw at Eng.Auburn.EDU
Wed Mar 4 16:44:38 GMT 1998
jeremy garber wrote:
> I currently have the NTDOM code functional on a test basis.
> I also have NISGINA configured to automatically create and update the
> smbpasswd entries on a test basis when logging into a samba domain. Of
> course the NT policies (something we must have functional) that are
> stored on the samba server are not being pulled down when using the
> current NISGINA.
Couldn't you specify an manual remote update from a share on a samba
server which was configured using encrypted passwords?
> What is wrong with my thinking that I can just rip the code out of
> NISGINA that creates a local account so that I am actually logging in
> under a domain account in the samba domain? There must be more to it
> than this.
There are two ways I could understand what you are saying. One is that
the domain account already exists. In this case you would be
authenticating twice. Don't see a need for that.
If you are validating against the PDC why not just keep the default
msgina.dll unless you have some secret way of synchronizing the
The second way would be that the domain account does not exist and you
want NISgina to create it rather than a local account. This will not
work since only certain accounts are authorized to add accounts to a
domain. It has been tried ( check the NISgina mailing list archives )
by replacing the NULL parameter in NetUserAdd() with the name of the
> Will I have to add code to NISGINA so that it understands it is using a
> domain account rather than a local one?
Gernot Bauer has added support to allow NISgina to login to a PDC or a
You may already know about this
Gerald ( Jerry ) Carter
Engineering Network Services Auburn University
jerry at eng.auburn.edu http://www.eng.auburn.edu/users/cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-ntdom