password synchronization - again!

[Aaron Dewell]

You have to run a cron script to re-export the passwords to the smbpasswd
file if you change a UNIX password.  It usually just involves calling the
smbpasswd program, the only thing is that you don't want to blow away any 
updates that have happened in the meantime from the Samba side..

I think that doc is backwards, the stable (2.0) samba can be a BDC, but 
not a PDC, the beta versions can do both.

Aaron

On Tue, 29 Aug 2000, Jenny Fox wrote:
> Hello.
> 
> I am sure someone else has been in this situation - I'm running a very
> heterogeneous network of unix, macintosh, and NT machines.  I am using a
> linux/samba server for home directories, which is also running
> netatalk.  The problem is with password synchronization - I currently
> have security=domain set which enables the NT users access without a
> problem.  Unfortunately, if someone changes their password from a unix
> box or a macintosh, their NT password is not changed.  I have a wide
> spectrum of users - from those who have never encountered a computer
> before to computer professionals, and I would like to make this as easy
> as possible for everyone.  What I would really like is that if someone
> changed their password from any machine, it has been changed for all
> platforms, which means that somehow I have to synchronize the unix
> password file and the NT SAM database.
> 
> I read in the documentation that samba cannot act as a BDC.  Would
> making the linux server the PDC solve this problem?  I'm running a
> pretty extensive NT network with SMS, IIS, etc... so I wonder what kinds
> of problems I would have if my samba server were the PDC.
> 
> Does anyone else have any experience with this?  I am running 2.0.7 on
> RH 6.2.  Thank you for any suggestions.
> 
> --jenny
> 
> Jennifer Fox
> Network Administrator
> Amundsen-Scott South Pole Station, Antarctica