Samba Domains & Password authenication

Kevin Colby kevinc at
Thu Jul 27 18:18:32 GMT 2000

As I understand it, you will have to run TNG on the NIS master
in order to get the NT hashes and NIS to be properly synchronized.
(An NIS client will not be allowed to change a password without
knowing the cleartext old password--something Samba will not know.)

Then you can run 2.0.x file servers in addition, and you won't
have to run around applying a registry patch to NT workstations.
In fact, is there even a clear-text registry hack for Win2000?

	- Kevin Colby
	  kevinc at

Raoul Schroeder wrote:
> Hi,
> my understanding is that the best bet is to activate unix password
> synchronising, which makes sure that if smbpasswd changes the password, the
> underlying UNIX does, too.
> If you then also use smbpasswd to change UNIX passwords, then the passwords
> are synchronized.
> Plain passwords are a possibility, but not a desirable one.
> My question now is: With your system, does the local unix communicate any
> password changes back to the NIS? If so, it should be fine. If not, probably
> not.
> Raoul
> Chris Hines wrote:
> > I would like to use samba as an NT domain controller for NT 4 & Windows 9X
> > and posibly windows 2000. I have configured samba 2.0.7 and samba NTG as
> > domain controllers and they seem to work.
> >
> > We wish our users to use a single password accross UNIX & windows which
> > are copied from a central NIS map managed by the University. Some time in
> > the future the university intends to start and active directory and
> > provide us with a windows password server.
> >
> > Using the plain text registry update I was hopping to get samba to
> > 1) validate machine passwords from the smbpassword file
> > 2) validate user passwords from NIS or later from a password server
> >
> > Is this posible? Does the samba architure already do this or is there some
> > documentation around which would point me to correct region of the code to
> > do this?
> >
> > As for windows 2000, is samba TNG stable enought to use as a domain
> > controller? It seem to work well enought with the two machines I tested
> > with.
> >
> > Many thanks for your help.
> >
> > Chris
> >

More information about the samba-ntdom mailing list