[Fwd: Re: OT: change NT login procedure]

Buchan Milne bgmilne at cae.co.za
Wed Jan 31 08:57:49 GMT 2001 

Doesn't the list maintainer want to set the reply-to to
samba-ntdom at samba.org ? Otherwise I'm going to continue sending
duplicates to the people I'm answering ....

-------- Original Message --------
Subject: Re: OT: change NT login procedure
Date: Wed, 31 Jan 2001 10:17:56 +0200
From: Buchan Milne <bgmilne at cae.co.za>
Organization: Stellenbosch Automotive Engineering
To: osabmt00 at fht-esslingen.de
References: <3A77683C.15239.24A6AF9 at localhost>

I have seen some implementation of a nisgina.dll or similar (I'm winging
it here, I have no knowledge of the components involved in Windows NT
login, but have read of this dll) which authenticates off NIS, replacing
the standard windows dll.

Sorry, don't have a link for you ...

Buchan

Osama Abu-Aish wrote:
> 
> Hi out there,
> 
> this is somehow OT, but I thought to find the most competent
> people my idea here:
> 
> Background:
> 
> Since NT-UNIX password / account synchronization is a never
> ending story with many traps I had an idea and wonder if anybody
> has tried this before and could probably help me by sharing
> his/her knowledge.
> Since NT and UNIX use different security models, it is impossible
> to integrate both into one central security database. Samba is
> to a certain degree able to provide authentication to NT, but
> it can't resolve the problem of having two password databases.
> 
> Idea:
> 
> All current implementations try to adapt the UNIX-side to match
> the requirements given by NT. Now I wonder if it shouldn't be
> possible to change the NT-side. What I'm dreaming of is all
> our NT WKS authenticating against a LDAP-Server.
> This _must_ somehow be possible since novell manages it
> with their NDS directory.
> What I understand from MS documentation is that custom
> authentication is supported and that two dll's must be created:
> a graphical user interface (GINA) and a authentication package.
> 
> Questions:
> 1.) Does this make sense at all or is it only YASI (Yet another
>      stupid idea :-)?
> 2.) Has anybody tried something like this and could provide me
>      with any information?
> 3.) Would someone be interested in following this track?
> 
> Greetings, Osama
> 
> ---
> Fachhochschule für Technik Esslingen
> Außenstelle Goeppingen

-- 
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work               +27 82 472 2231 * +27 21 808 2497
Stellenbosch Automotive Engineering         http://www.cae.co.za

More information about the samba-ntdom mailing list