Home directories using UNIX/SMB
Gerald W. Carter
cartegw at Eng.Auburn.EDU
Mon Nov 17 17:06:53 GMT 1997
Luke Kenneth Casson Leighton wrote:
> > I'm not sure I follow you. I know that using NISgina for validation I
> > can specify a non encrypted samba server as the [homes] server and it
> > passes the username and passwd through ( I am assuming this. I
> > haven't
> > done a packet dump, but it does not prompt for a password if it is the
> > home directory of the user ).
> interesting. i don't know where GINAs fit in, exactly (including
> microsoft's own one).
> the only difference i can think of is that NISgina calls LSALogonUser()
> _not_ the undocumented LSALogonUserEx() function.
A quick scan through the code shows a call to LogonUser() which is not
defined so I am assuming that this is the LSALogonUser function your are
referring to. Most of the code follows the gina example stuff from the
MSDN library. The Gina library provides a defined set of functions such
as WlxLogon(), WlxLogoff, etc...
> if you have "encrypt passwords = yes", then you are using lm and nt owf
> 16 byte hashes in /usr/local/samba/private/smbpasswd and not clear-text
> specifically roaming profiles, because even before the user is "logged
> on" to the local machine (by logged on, i mean
> programs-like-EXPLORER.EXE",the workstation itself mounts the profile
> path and downloads the profile.
> because the workstation is in "non-interactive" mode, it cannot fire up
> dialogs like "Enter password for \\samba-server\homes share".
That makes sense. I see what you are saying now.
Gerald ( Jerry ) Carter
Engineering Network Services Auburn University
jerry at eng.auburn.edu http://www.eng.auburn.edu/users/cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba