Not *completely* relevant

[Sam Couter]

Matthew Geddes <mgeddes at xavier.sa.edu.au> wrote:
> 
> So, do you trust the NT Authentication method over the Unix one?

We use pam_smb to authenticate a few Linux boxes against our Solaris/samba
PDC. It works pretty well overall.

Note that I have a certain level of trust in my users - I trust that those
who don't have root already aren't smart enough to exploit most security
holes.

Unfortunately, you still need entries in /etc/passwd (* in the password
field) for the users to exist on the machine. This annoys me no end, as only
passwords are kept synchronised, nothing else.
The other annoyance is that Solaris PAM is incomplete, so I can't use
pam_smb on the Solaris box.

> I realise that it will mean an increase in network traffic around my
> servers, but how much?

I haven't noticed any difference at all, but we're mounting home directories
over NFS, so the traffic would be insignificant compared to NFS traffic. ;)

> Does this sound like a *really* stupid idea for some reason I have quite
> obviously overlooked?

I hope if there is some stupid reason that someone will tell me also.
-- 
Sam Couter                                             sam at topic.com.au
Internet Engineer
tSA Consulting