Authentication ....

C.Lee Taylor lee.taylor at aeroton.scania.co.za
Thu Jan 25 09:52:33 GMT 2001


> significant diff. between nt-auth and unix auth is that the nt-auth uses
> the hashes as cleartext-equivalent.  i.e. they might as _well_ have stored
> the plaintext password in the SAM db, and used that in their
> authentication algorithms.
    Okay, so the stored hash is so different they can't be shared ... just
as I suspected, but this does not help with my little problem ... as I
remember somebody saying once, that what I am trying to achieve is the Holy
Grail on Linux/M$ interpolation ...

    I have no plan to have to recapture user data between Linux and M$
Servers ... as I said, I have looked at winbind, but if I understand that
gives Linux the ability to auth against a PDC, which is not as secure ( from
the discussion ) or create more overhead on the network/server ... not what
I am looking for ...

    I have thought that maybe I could setup a Samba-TNG server on a root
like server which has LDAP as backend ... then have M$-TermServer and M$-SQL
server as member servers using Samba-TNG PDC auth the system ...

    But I would like to see what other people have come across ... and
another things is that I know the LDAP is broken in Samab 2.2 ( which might
be fix in future ) and not sure about how stable LDAP is in Samba 2.0.7 ...

Thanks again for all the input ...
Mailed
C.Lee Taylor






More information about the samba-ntdom mailing list