NIS authentication and smbpasswd

Simo Sorce simo.sorce at
Tue Sep 19 10:12:06 GMT 2000

Tim Strobell - Asst Systems Admin wrote:
> Howdy Gents,
> I've set up 2.0.7 as a PDC for a small lab of NT4 machines.
> We use NIS (not NIS+) for 'authentication' for our Unix machines.
> Is there any way to set up a smbpasswd file (or configure samba) so that
> Samba authenticates against the NIS password instead of the NT hash in the
> smbpasswd file?
> In other words, I can't logon unless I (manually) set my smbpasswd to match
> my Unix passwd. I would like to roll this out as transparently as possible.
> Has anyone else been in a similar situation?
There are three ways I've tested.

1. NIS and Samba separated password database.
   Changing password not permitted by normal utilities, instead the user
must use
   a web page to change their password (the cgi update both the
   Here's a link to my working solution

2. Use of Registry Key on NT machines to switch from encrypted challenge
resonse scheme to clear/text passwords and configure samba to
synchronize with unix account (enable NIS support). This prevent the use
of domains (even samba or Windows DC refuses clear/text passwords).

3. Use of NISGINA on NT machines to authenticate users against a NIS
server (does not require samba for authentication) the problem is that
users cannot have roaming profiles as a user is "created" on the local
sam database on NT machines.

Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at 02 2399 2425 - 02 2399 2451
Be happy, use Linux!

More information about the samba-ntdom mailing list