losing connections to password server
vorlon at netexpress.net
Fri Jun 20 15:43:06 GMT 2003
On Thu, Jun 19, 2003 at 02:46:08PM -0400, David Collier-Brown -- Customer Engineering wrote:
> On Thu, Jun 19, 2003 at 08:53:17AM -0700, David Bear wrote:
> >>"security = server" may be a nasty hack, but it is an important
> >>'feature' in an organization like my university. We have centrally
> >>managed services which include user accounts. This hack lets me add
> >>users to samba services without having to manage accounts.
> Steve Langasek wrote:
> >So does "security = domain"; except that "security = domain" works,
> >using the same protocols that Microsoft supports for their own
> >authentication systems.
> >The "security = server" hack is /inherently/ flaky, and has /inherently/
> >limited security. Fixing these inherent flaws has been done: that's
> >what domain security is.
> Alas, security = domain only works if I'm running an
> NT domain, while security = server works with an
> authentication server which is using the underlying
> Unix authentication system.
> Do the limitations and errors of security = server
> generally affect or not affect servers using Unix
> authentication? We've not encountered (or perhaps
> not noticed (;-)) them in Sun, and we run a worldwide
> SMB service, managed out of Australia.
So you're using 'security = server' with 'encrypted passwords = no'?
Hmm, I've never seen a configuration like that before... Maybe it's
more resilient because your network and/or SMB servers are more
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030620/eb36eb0a/attachment.bin
More information about the samba-technical