(Was Caution Stoopid Newbie) - A better (Longer) explanation

Greg J. Zartman greg at kwikfind.com
Thu Apr 5 15:35:23 GMT 2001


Keep posting.  No one takes it personally.

First, my answers to your questions:
> question 1: Are Samba users different to the linux/machine users ?
They are one and the same.  A user account on your linux box is just that, a
user account.  If all of you users are Windows people, then it's likely they
won't be getting on the linux machine.  Linux gives you the ability to
essentially shut-off a users ability to use the Linux box while giving them
access to their homes directory (what you are doing is giving them a null
shell).  I wouldn't get too hung up on this.  If your users don't need to
get on the linux machine, then set them up with accounts that have the "unix
features" shut off (Read the Samba PDC FAQs for more info).
> question 2: Sorry I am NOT deliberately trying to wind people up
> but I'm still not sure of my terminology is this authentication or logon ?
Don't get to hung up on this either as both happen in windows, it's just
that the terms aren't thrown around much.  Authentication mean that a user
or machine is approved to access certain shares, for example, on your
network.  When you join a domain, your machine is authenticated to access
the shares on the network.  Logon is the process that you perform to get
yourself authenticated to access a computer/network.  You type in your
username and password and if they are correct, you are authenticated to
access the network/computer.

> question 3: Philip Mayers wrote/copied from the man page "Note  that
> Win95/98 Domain logons are NOT the same as Windows  NT  Domain  logons."
> Dare I ask what the difference is or should that be where can I find
> something
> to read that will tell me what the differences are ?
This is a question that I argued some time back.  Richard Sharpe, one of the
Samba Team, finally made the subject clear to me.  The answer to this really
depends on how you look at it.  The difference isn't really as much in Samba
as it is in the Clients.  You see Win9x doesn't offer real security.  You
are only required to "authenticate yourself" when you login to a Win9x
machine in order to gain access to shares on a network, not services or
resources on the Win9x machine itself.  Win NT, on the other had, does
provide security. When you logon to a Win NT machine you are authenticated
to access resources and shares on the system and network.  From a networking
standpoint, the difference between the two OSs is that Win9x basically acts
like a workgroup machine regardless of weather it is participating in a
workgroup or a domain.  Win NT can participate in a workgroup, acting like a
win 9x machine(i.e., little if any restriction to resources and shares), or
is can participate in a domain (i.e., security and restriction to shares).

More information about the samba-ntdom mailing list