Samba PDC vs. NT Server and other clarifications.

Gerald W. Carter cartegw at Eng.Auburn.EDU
Sat Mar 28 22:42:32 GMT 1998 

Workstation Maintenance wrote:
> 
> to the samba server. It may sound funny that I mention this, but I read
> something in either ntdomain.txt or domains.txt that suggested this was
> not possible (something about samba ignoring the password at logon, but
> _not_ when connecting to shares). It would be nice for user/group info
> from the samba server to work on the NT client as well (i.e. permissions
> on files on the local machine) but I also suspect this is not possible

See the link to the latest draft of the NTDOM FAQ off my page ( in my
signature ).  To validate logins you will need to define USE_ARCFOUR in
the makefile.

> yet. Basically I am unclear on the difference between a "real" PDC and
> samba acting as one - I am a little late to these discussions and seem
> to be missing such basic info. I have re-read the documentation included
> with the samba source and found it a bit confusing and somewhat
> contradicting. Not to criticize at all, I understand this stuff is
> probably new to everyone and I think the documentation is terrific!

Differences are things like some various pipe functionality as well as
TRUST relationships, etc....  Sorry to be vague but pretty much most of
what you need to run a Samba PDC in a lab is there ( i'm doing the same
thing )

> I attempted to use samba 1.9.18p3 (with -Dntdomain added to the flagsm
> line of the makefile) with out success. I (for lack of another way)
> finally used the username m option in smb.conf to map the machine
> username to another user, then I just changed that user's password to
> also be the machine name - This changes the error message on the NT
> client from "the domain server can not be accessed" to "the account
> either does not exist or can not be accessed." The smb logs reflect the
> following: s: do mismatch
> It is purely a guess that this has to do with domain sid (only because
> testparm says it is an unknown parameter)?


Get the BRANCH_NTDOM version via CVS instruictions in the FAQ.  PDC
support in the main branch does not work.  BRANCH_NTDOM branched from
1.9.18alpha11 but will be rejoining the MAIN branch soon i think.

> Any clarification on compiling samba with ntdomain support, and setting
> up the workstation accounts a bit easier, and what domain sids are.

smbpasswd ( in BRANCH_NTDOM )  has an option -m to add machine
accounts.  Again see the FAQ.

> 
> Thanks again,
> Ivan Fetch

j-
________________________________________________________________________
                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at eng.auburn.edu             http://www.eng.auburn.edu/users/cartegw

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list