losing connections to password server
David Collier-Brown -- Customer Engineering
David.Collier-Brown at Sun.COM
Thu Jun 19 18:46:08 GMT 2003
On Thu, Jun 19, 2003 at 08:53:17AM -0700, David Bear wrote:
>>"security = server" may be a nasty hack, but it is an important
>>'feature' in an organization like my university. We have centrally
>>managed services which include user accounts. This hack lets me add
>>users to samba services without having to manage accounts.
Steve Langasek wrote:
> So does "security = domain"; except that "security = domain" works,
> using the same protocols that Microsoft supports for their own
> authentication systems.
> The "security = server" hack is /inherently/ flaky, and has /inherently/
> limited security. Fixing these inherent flaws has been done: that's
> what domain security is.
Alas, security = domain only works if I'm running an
NT domain, while security = server works with an
authentication server which is using the underlying
Unix authentication system.
Do the limitations and errors of security = server
generally affect or not affect servers using Unix
authentication? We've not encountered (or perhaps
not noticed (;-)) them in Sun, and we run a worldwide
SMB service, managed out of Australia.
David Collier-Brown, | Always do right. This will gratify
Sun Microsystems DCMO | some people and astonish the rest.
Toronto, Ontario |
(905) 415-2849 or x52849 | davecb at canada.sun.com
More information about the samba-technical