SAMBA digest 1605
Ludek Babor
Babor at Glavunion.cz
Fri Feb 27 14:20:28 GMT 1998
> Date: Thu, 26 Feb 1998 09:00:27 -0500
> From: James Richardson <James.Richardson at WellmanInc.com>
> To: "'samba at samba.anu.edu.au'" <samba at samba.anu.edu.au>
> Subject: Password validation.
> Message-ID: <01BD4295.06994430 at RICHAJM>
>
> Greetings:
>
> I have been running SAMBA 1.9.16p1 under HP-UX 9.04 quite well for some
> time. I have in the smb.conf security = server encrypt passwords = yes
> workgroup = XX1
I suppose something like "password server = PDC1" too ...
Where PDC1 is NetBIOS name of primary domain controller.
> where XX1 is the name of our NT domain.
> Everything works as it should, passwords are being validated by our NT
> servers.
>
> The scenario which has just happened: Users at other sites in my company
> now need access to my samba systems. These users are members of other NT
> Domains and are unknown by XX1. There is a trust relationship between the
> local NT Domain and the foreign NT Domain. I don't know much about NT
> Domains, but hopefully it is clear what I am trying to do.
>
> Is there another solution to this problem beside maintaining a smbpasswd
> file myself on the UNIX server?
Yes, there is - "netbios aliases =".
For example let's have two NT domains - DOM1 and DOM2. There are domain
controlers PDC1 and BDC1 in DOM1 and PDC2 and BDC2 in DOM2. UNIX name is
XXX.
Try this in smb.conf:
[global]
include = /usr/local/samba/lib/smb.conf.%L
netbios name = XXX
netbios aliases = YYY
smb.conf.xxx (xxx is in lowercase):
security = server
password server = PDC1 BDC1
smb.conf.yyy (yyy is in lowercase):
security = server
password server = PDC2 BDC2
And restart SAMBA.
And now there are on network two servers (XXX and YYY), but physically it
is only one server.
If a user connect to share on XXX (like \\XXX\Share) then his password is
validated by PDC1 or BDC1.
If a user connect to share on YYY (like \\YYY\Share) then his password is
validated by PDC2 or BDC2.
It works for me ...
Sorry for my English, I hope you understand me ...
Best regards
Ludek Babor E-Mail: Babor at Glavunion.cz
OS manager E-Mail: Ludek.Babor at Glavunion.cz
Glavunion, a.s., Teplice Tel: +420-417-503085
Sklarska 450 Fax: +420-417-508085
416 74 Teplice FIDO: 2:423/74.13
I use MIME ISO-8859-2 friendly software.
More information about the samba
mailing list