?Use a script instead of a password file

Luke Kenneth Casson Leighton lkcl at switchboard.net
Tue May 26 11:55:32 GMT 1998 

On Tue, 26 May 1998, Jippes, A.G. (UB) wrote:

> Hi Luke (et al.),
> 
> Sorry for the 'script' confusion. I didn't mean the "login script". I
> would like Samba to use my Perl script to check passwords at our central
> user database instead of the smbpasswd file. I need to validate logins
> on our semi-public NT workstations.

perfect timing!

then you will need to see the "password API needed"  thread at
http://samba.anu.edu.au/listproc/samba-technical and write your own
database that has a c-to-perl interface on it.

although exactly why you would want to do this instead of writing your own
database api in c i do not know.

anyway, the interface is all there: see passdb.c in the latest cvs 
 
> B.t.w. Since Samba can check the NT-passwords against its one-way
> encrypted smbpasswd file,

correct.

> I assume Samba does decrypt the password it
> gets from NT workstations, right?

wrong.  the LM and NT hashes are clear-text equivalent hashes.  they are
non-reversable and you cannot decrypt them.


in what way do you wish to validate against the semi-public NT
workstations, and what kind of "central user database" is it?  if you
intend to post a technical reply, please copy the message to
samba-technical.

ta!

luke


> Thanks,
> 
>   Arnoud.
> -------------------------------
> Arnoud G. Jippes
> University of Twente Library/IT
> Postbus 217, 7500 AE, Enschede
> tel:(+31-534)894116, fax:351805
> email: a.g.jippes at ub.utwente.nl
> 
> 
> >----------
> >From: 	Luke Kenneth Casson Leighton[SMTP:lkcl at switchboard.net]
> >
> >what do you mean by "script"?  do you mean the "logon script" parameter in
> >smb.conf, or something else?
> >
> >On Tue, 26 May 1998, Jippes, A.G. (UB) wrote:
> >
> >> We want to make NT workstations accessible to our library users using
> >> their personal login. A script checks the login with our central user
> >> database. Can this be done with Samba now, or in the near future? (so,
> >> can I get Samba to use the script instead of the password file?). Any
> >> pitfalls?
> >
>

More information about the samba-technical mailing list