SAMBA digest 1605

Ludek Babor Babor at Glavunion.cz
Fri Feb 27 14:20:28 GMT 1998 

> Date: Thu, 26 Feb 1998 09:00:27 -0500
> From: James Richardson <James.Richardson at WellmanInc.com>
> To: "'samba at samba.anu.edu.au'" <samba at samba.anu.edu.au>
> Subject: Password validation.
> Message-ID: <01BD4295.06994430 at RICHAJM>
> 
> Greetings:
> 
> I have been running SAMBA 1.9.16p1 under HP-UX 9.04 quite well for some
> time. I have in the smb.conf security = server encrypt passwords = yes
> workgroup = XX1

I suppose something like "password server = PDC1" too ...
Where PDC1 is NetBIOS name of primary domain controller.

> where XX1 is the name of our NT domain.
> Everything works as it should, passwords are being validated by our NT
> servers.
> 
> The scenario which has just happened: Users at other sites in my company
> now need access to my samba systems. These users are members of other NT
> Domains and are unknown by XX1. There is a trust relationship between the
> local NT Domain and the foreign NT Domain. I don't know much about NT
> Domains, but hopefully it is clear what I am trying to do.
> 
> Is there another solution to this problem beside maintaining a smbpasswd
> file myself on the UNIX server?

Yes, there is - "netbios aliases =".
For example let's have two NT domains - DOM1 and DOM2. There are domain 
controlers PDC1 and BDC1 in DOM1 and PDC2 and BDC2 in DOM2. UNIX name is 
XXX.
Try this in smb.conf:
[global]
include = /usr/local/samba/lib/smb.conf.%L
netbios name = XXX
netbios aliases = YYY

smb.conf.xxx (xxx is in lowercase):
security = server
password server = PDC1 BDC1

smb.conf.yyy (yyy is in lowercase):
security = server
password server = PDC2 BDC2

And restart SAMBA.
And now there are on network two servers (XXX and YYY), but physically it 
is only one server.
If a user connect to share on XXX (like \\XXX\Share) then his password is 
validated by PDC1 or BDC1.
If a user connect to share on YYY (like \\YYY\Share) then his password is
validated by PDC2 or BDC2.
It works for me ...
Sorry for my English, I hope you understand me ...

Best regards
	Ludek Babor			E-Mail: Babor at Glavunion.cz
	OS manager			E-Mail: Ludek.Babor at Glavunion.cz
	Glavunion, a.s., Teplice	Tel: +420-417-503085
	Sklarska 450			Fax: +420-417-508085
	416 74 Teplice			FIDO: 2:423/74.13

	I use MIME ISO-8859-2 friendly software.

More information about the samba mailing list