Authentication models for PDC

Cole, Timothy D. timothy_d_cole at md.northgrum.com
Fri Nov 12 15:27:50 GMT 1999


> -----Original Message-----
> From:	Giulio Orsero [SMTP:giulioo at tiscalinet.it]
> Sent:	Thursday, November 11, 1999 7:16
> To:	Multiple recipients of list SAMBA-NTDOM
> Subject:	Re: Authentication models for PDC
> 
> On Thu, 11 Nov 1999 12:25:32 +1100, hai scritto:
> 
> >and Win98, but would it be possible to have Samba use the underlying
> Linux
> >authentication using PAM? This is because our Linux passwords are being
> >synchronized from another Linux machine.
> 
> If you DON'T use samba as a PDC:
> Yes, this is possible if you disable password encryption on all win9x
> and winnt boxes.
> This way samba can use the local unix password database (instead of the
> smbpasswd db); if your system uses pam, samba detects it at compile time
> and use it.
> 
> If you DO use samba as PDC:
> AFAIK, passwd encryption is required in this case. Samba will use the
> smbpasswd database for authentication, and can keep /etc/passwd in sync
> with it, if you want.
> Maybe you could set up as PDC the linux box you're using now as master
> for /etc/passwd.
> 
	Another alternative in this case (although I daresay a rather
strange one) would be to use a PAM module that authenticated via SMB,
pointed at the machine itself.  Then you need only keep password data in one
place:  smbpasswd.


More information about the samba-ntdom mailing list