OT: change NT login procedure

Osama Abu-Aish osabmt00 at fht-esslingen.de
Wed Jan 31 00:19:56 GMT 2001


Hi out there,

this is somehow OT, but I thought to find the most competent
people my idea here:

Background:

Since NT-UNIX password / account synchronization is a never
ending story with many traps I had an idea and wonder if anybody
has tried this before and could probably help me by sharing
his/her knowledge.
Since NT and UNIX use different security models, it is impossible
to integrate both into one central security database. Samba is
to a certain degree able to provide authentication to NT, but
it can't resolve the problem of having two password databases.

Idea:

All current implementations try to adapt the UNIX-side to match
the requirements given by NT. Now I wonder if it shouldn't be
possible to change the NT-side. What I'm dreaming of is all
our NT WKS authenticating against a LDAP-Server.
This _must_ somehow be possible since novell manages it
with their NDS directory.
What I understand from MS documentation is that custom
authentication is supported and that two dll's must be created:
a graphical user interface (GINA) and a authentication package.

Questions:
1.) Does this make sense at all or is it only YASI (Yet another 
     stupid idea :-)?
2.) Has anybody tried something like this and could provide me
     with any information?
3.) Would someone be interested in following this track?

Greetings, Osama

---
Fachhochschule für Technik Esslingen
Außenstelle Goeppingen




More information about the samba-ntdom mailing list