NT domain authentication order unclear

Jason Brooks JasonB at Pointshare.com
Fri Jul 2 01:48:29 GMT 1999

Question 1:

I am making a couple of linux servers visible on my company's NT network.  I
am currently using samba version 2.0.4b on redhat 5.1.  All is functioning
well so far.  I am using security = domain and so far, connecting works

The PDC and BDC's are windows nt servers.

there are some unclear concepts though:  How do I tell my linux boxen to
allow certain NT groups write access and others not?  I ask this because all
of the documentation treats linux groups and NT groups ambiguously.  

I see the Domain Options section while using SWAT.  Are these truly
experimental?  If my linux servers are NOT domain controllers, what will
these fields get me?

I have also seen a reference or three to "domain group map" (I think).
Where do I find out this information?

Question two:
	I would like to think the following steps are how samba does
authentication with domains (the man pages lack this detail)	

security =domain
1) inbound connections are authenticated to the domain controller
2) inbound connections are authenticated with the linux security
3) failed connections are granted guest access.

I think I missed some things, but is this essentially correct?

--Jason Brooks

More information about the samba-ntdom mailing list