NT Authentication

Sam Couter sam at topic.com.au
Wed Jul 12 23:30:24 GMT 2000

Paul J Collins <pjdc at eircom.net> wrote:
> *ALL* of the Samba infrastructure requires that domain users have a
> Unix account on the server.  You may, however, be able to use
> rpcclient to connect to the PDC and use ntlogin to see if the user can
> do so.  You could then use expect or similar to drive rpcclient, if
> you need to encapsulate it in a script or something; you should not
> pass passwords to programs on the command line as they may be visible
> in a process listing.

There is a thing called winbind in Samba TNG, which is a Name Service module
that can use Samba or an NT PDC to provide account information. Just like
NIS, only different. Just like nss_ldap, only different.

Using winbind means you don't need account entries in the password file,
just on the PDC.

One catch: I know it exists, it's in CVS, I don't know if it actually
*works*. ;)

Oh, and it'll only work on systems that have an nsswitch: Linux, Solaris,
maybe HP-UX, not sure what else.
Sam Couter          |   Internet Engineer   |   http://www.topic.com.au/
sam at topic.com.au    |   tSA Consulting      |
PGP key available on key servers
PGP key fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000713/6609a99f/attachment.bin

More information about the samba-ntdom mailing list