NIS, Trust Relationships, Home Drives, and Password Changing
gcarter at valinux.com
Thu Nov 30 15:11:08 GMT 2000
jbrown at hlmc.com wrote:
> I was wondering if NIS was the best solution for
> system security structure (sharing out smbpasswd
> and /etc/passwd, /etc/groups),
Use NIS (or another directory service such as LDAP) to
distribute /etc/passwd. Do not put smbpasswd in NIS.
Bad idea. :-)
Use rsync over ssh to distribute smbpasswd files.
> I am also having a problem with home drives. The
> home drive settings are in the smb.conf (all three of them),
> but when I execute a net use * /HOME it says invalid
> path specified. When browsing, I do see the (username)
> share that is the home drive (a subdirectory of the
> unix home drive).
Send me you [homes] section from smb.conf
> Also, I cannot change the password from a user level. If
> I execute smbpasswd (username) from root, I have no
> problem. But, when I execute smbpasswd from the user
> level, it says that my previous password was invalid
> (maybe there needs to be a certain file permission on
> the smbpasswd file, or setuid on the smbpasswd
> executable?). When trying to change the password from
> a windows client, I get the same results.
try upping the debug level (on the smbpasswd command line
and on the server to track this one down).
> And finally, with samba-tng, is it possible to setup
> a domain trust relationship. This relationship would
> be established so that all users of the Terminal Server
> would have group access on the Samba servers (ie - a
> user map to force the user to a generic account named
> tsuser on the Unix Machine), or better yet, to control
> access by Global Groups on the Terminal Server Domain.
SAMBA_TNG is now run by the TNG (i like the name TaNGo)
project. The software is in development stages. I think
Luke had some initial musings of trust relationships, but I
have not idea how stable it was.
> PS - I would like to thank all the developers out
> there that work hard on samba. It's a great application,
> and I'm sure most unix nutz appreciate having it.
You're quite welcome :-)
-- Cheers, jerry
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com/ VA Linux Systems gcarter at valinux.com
http://www.samba.org/ SAMBA Team jerry at samba.org
http://www.plainjoe.org/ jerry at plainjoe.org
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-ntdom