NTLM Authentication against multiple domain comtrollers

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Nov 3 01:35:36 MDT 2010


On Wed, Nov 03, 2010 at 06:22:26AM +0530, Mayank Agrawal wrote:
> We have a working setup of squid + samba + winbind to authenticate users
> belonging to the same domain (using NTLM). We have an immediate urgent
> requirement to support authentication against multiple Domains which are
> using their own Domain controller. There is NO Trust Relation between
> these Domain Controllers.
> 
>  
> 
> I have searched through length and breadth of all available documents
> and discussions, but there doesn't seem to be any solution available. 
> 
>  
> 
> Please let us know if such a solution exists. I am eager enough to put
> in a few changes in the code (if this is what is required), but this
> would require a few pointers from this knowledgeable community.

What you could do is run two winbinds separated with
"winbind socket dir" and other settings to virtualize
winbind. Then you could run two ntlm_auth instances, giving
each a separate WINBINDD_SOCKET_DIR environment variable.
The piece of code that is missing is: Who decides which
domain you need to talk to.

Volker


More information about the samba-technical mailing list