External Authentication support

Robert F. Thomas rft at asthomas.com
Mon Jun 7 17:35:47 GMT 2004


I certainly don't want to expose my VMS clusters to MICROSOFT
authentification.  It's too easy for MICROSOFT to change things, yet again
and break this mission critical part of the system.

Sincerely,
Robert F. Thomas
A. S. Thomas, Inc.


-----Original Message-----
From: samba-vms-bounces+rft=asthomas.com at lists.samba.org
[mailto:samba-vms-bounces+rft=asthomas.com at lists.samba.org] On Behalf Of RR
- Rod Regier
Sent: Monday, June 07, 2004 12:47 PM
To: samba-vms at lists.samba.org
Cc: RR - Rod Regier
Subject: RE: External Authentication support

 
  Michael Ober <mdo at wakeassoc.com> wrote:

> I need to be able to change the password on our VAX system 
> from the Windows password change dialog.  Is this possible 
> with Samba VMS.  I'm running Samba Version 2.2.8 on HP TCP/IP 
> Services for OpenVMS Alpha Version V5.4 on a AlphaServer 1200 
> 5/533 4MB running OpenVMS V7.3-2.
>  
> Setting Samba to authenticate against the domain is 
> insufficient as my users also need to login to the VMS system 
> directly.

Check out "external authentication" support in later VMS releases
(7.3-x).

It permits VMS to use a Microsoft PDC as the source for
account password validation on a by-account basis.

V/A 7.3-2 Release Notes, section 4.8

http://h71000.www7.hp.com/doc/732FINAL/6668/6668pro_005.html

This section contains release notes pertaining to external
authentication. External authentication is an optional feature
introduced in OpenVMS Version 7.1 that enables OpenVMS systems to
authenticate designated users with their external user IDs and
passwords. For detailed information about using external authentication,
refer to the HP OpenVMS Guide to System Security. 

			[snip]

PC users receive notification of impending external user password
expiration and can change passwords before they expire. However, when a
user logs in from an OpenVMS workstation using external authentication,
the login process cannot determine whether the external password is
about to expire. Therefore, sites that enforce password expiration and
whose users do not primarily use PCs can choose not to use external
authentication for workstation users. 



PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING:

http://www.catb.org/~esr/faqs/smart-questions.html





More information about the samba-vms mailing list