password synchronization - again!

Kevin Colby kevinc at grainsystems.com
Tue Aug 29 22:37:25 GMT 2000 

For this exact reason, many places do not allow users to change
their password from within Unix or MacOS.  Users are often referred
to a "special" web page or some such script that properly sets all
the various passwords.  Although an NIS setup with Samba integration
may be possible, IMHO the only real hope for the future here
(allowing all the various local password changing schemes to work)
is LDAP, although I have not heard of anyone actually getting
LDAP to work for NT and Unix together.  You could still try using
a TNG PDC, but then you have to deal with any TNG limitations
as well (BDC replication & interdomain trust?).

If anyone has an answer to this, I'd love to hear it.

	- Kevin Colby
	  kevinc at grainsystems.com



Jenny Fox wrote:
> 
> Hello.
> 
> I am sure someone else has been in this situation - I'm running a very
> heterogeneous network of unix, macintosh, and NT machines.  I am using a
> linux/samba server for home directories, which is also running
> netatalk.  The problem is with password synchronization - I currently
> have security=domain set which enables the NT users access without a
> problem.  Unfortunately, if someone changes their password from a unix
> box or a macintosh, their NT password is not changed.  I have a wide
> spectrum of users - from those who have never encountered a computer
> before to computer professionals, and I would like to make this as easy
> as possible for everyone.  What I would really like is that if someone
> changed their password from any machine, it has been changed for all
> platforms, which means that somehow I have to synchronize the unix
> password file and the NT SAM database.
> 
> I read in the documentation that samba cannot act as a BDC.  Would
> making the linux server the PDC solve this problem?  I'm running a
> pretty extensive NT network with SMS, IIS, etc... so I wonder what kinds
> of problems I would have if my samba server were the PDC.
> 
> Does anyone else have any experience with this?  I am running 2.0.7 on
> RH 6.2.  Thank you for any suggestions.
> 
> --jenny
> 
> Jennifer Fox
> Network Administrator
> Amundsen-Scott South Pole Station, Antarctica

More information about the samba-ntdom mailing list