Freebsd + NT/Nt-Client am Linux-Server
Bill Eldridge
bill at rfa.org
Mon Nov 23 05:48:32 GMT 1998
Pam_SMB allows Linux clients to validate
their passwords against an NT PDC, so the
only thing you have to do is set up the
accounts on the Linux side with an '*'
in the /etc/passwd entry. This can be
done using a list of users:
#!/bin/bash
for i in `cat myuserlist`; do
/usr/sbin/adduser -p '*' $i
with various other command line options,
such as "-s /bin/nologin" for e-mail only
clients and such. You have to edit the
appropriate /etc/pam.d entries - login, imap,
and so on - follow the instructions.
I don't know if any of this applies to FreeBSD - as
in if FreeBSD uses Pam, or if there are similar tools
for FreeBSD's authentication method. There are
some tools for NIS/Yellow Pages...
Bill
> SAMBA Digest 1883
>
> For information on unsubscribing see http://samba.anu.edu.au/listproc
> Topics covered in this issue include:
>
> 1) Re: NT3.51 slow file access
> by "k.konzept" <klaus at bfad.de>
> 2) Get popups
> by Segei Kulakovsky <sk at ars.ml.org>
> 3) Re: Dial in accounts
> by Ole Holm Nielsen <Ole.H.Nielsen at fysik.dtu.dk>
> 4) Virus Scanning: Unix Products
> by "Cary T. Conrad" <conrad at messagesecure.com>
> 5) Re: Virus Scan
> by Anthony David <adavid at ajd.gw.dynamite.com.au>
> 6) Re: User verification problem using password = server [2.0.0beta1]
> by Anthony David <adavid at ajd.gw.dynamite.com.au>
> 7) Nt-Client am Linux-Server
> by =?ISO-8859-1?Q?J=FCrgen?= =?ISO-8859-1?Q?L=F6b?= <cip-
jl at physik.uni-pa
> derborn.de>
> 8) Browsing
> by Robert <robert at mhi-tx.com>
> 9) samba 2 swat user id and password
> by Sol Gongola <sol at mail.adldata.com>
> 10) Samba Information.
> by "Noll, Michael" <mnoll at eds.com>
> 11) Freebsd + NT
> by "Chad Thunberg" <chadth at atvideo.com>
> 12) Re: Virus Scanner
> by Christian Perrier <perrier at onera.fr>
> 13) Re: password change problem
> by Todd Pfaff <todd at edge.cis.McMaster.CA>
> 14) Compile error 2.0.0beta1
> by "Karl Bolingbroke" <karl.bolingbroke at flyingj.com>
> 15) samba 2.0 beta and shadow passwords
> by Michael <michael at bizsystems.com>
>
> ----------------------------------------------------------------------
>
> Date: Fri, 20 Nov 1998 09:58:53 +0100 (CET)
> From: "k.konzept" <klaus at bfad.de>
> To: samba at samba.anu.edu.au
> Subject: Re: NT3.51 slow file access
> Message-ID: <Pine.LNX.3.96.981120095226.27582A-100000 at linserv.intern.bfad.
> de>
>
> Hi Marc
>
> We had a similar problem.
> Try to use: socket options = TCP_NODELAY
>
> Greetings, Klaus
>
> Klaus Konzept
> Germany
> Reply to: K.Konzept at bfad.de
>
>
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 10:06:19 +0000
> From: Segei Kulakovsky <sk at ars.ml.org>
> To: samba at samba.anu.edu.au
> Subject: Get popups
> Message-ID: <36553F1B.793648F5 at ars.ml.org>
>
> How can I receive popups to group if it possible at all ?
> (for instance: I am in group MYGROUP. Someone sent popup message using
> Winpopup to all group MYGROUP)
> In our dorms based network that situation is appeared quite often :)
>
> --
> Sergei Kulakovsky.
> e-mail: sk at ars.ml.org
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 12:03:59 +0100
> From: Ole Holm Nielsen <Ole.H.Nielsen at fysik.dtu.dk>
> To: samba at samba.anu.edu.au
> Subject: Re: Dial in accounts
> Message-ID: <36554C9E.1CFBAE39 at fysik.dtu.dk>
>
> Regarding remote network browsing:
> We have had mixed success browsing Network Neighborhood from
> PPP-connected Win95 PCs. Our servers are all SAMBA, no NT here :-)
> The Win95s have WINS-server defined correctly in the network
> setup (checked by running winipcfg). We wait a couple of
> minutes after establishing PPP-connection, then try to
> browse. Now, some Win95s (my OSR2.1, for example :-) browse
> without problems, but others with a supposedly similar
> setup cannot browse. Is the problem with older Win95
> versions, or something entirely different ? Note that
> we are all dialing in to the same IBM-8235 router, so
> everything ought to be the same, yet the Win95s seem to
> behave differently.
>
> Ole Holm Nielsen
> Department of Physics, Building 307
> Technical University of Denmark, DK-2800 Lyngby, Denmark
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 07:13:30 +0500
> From: "Cary T. Conrad" <conrad at messagesecure.com>
> To: samba at samba.anu.edu.au
> Subject: Virus Scanning: Unix Products
> Message-ID: <4.1.19981120071152.03f4cd00 at 192.9.200.5>
>
> There have been a few posts about virus scanning for UNIX.
>
> May I suggest that for a product that is FOCUSED on the Unix market,
> check
> out www.cyber.com
>
> Many years in the business, good company, smart people, good products.
>
> CC
>
> ------------------------------
>
> Date: Sat, 21 Nov 1998 00:11:50 +1100
> From: Anthony David <adavid at ajd.gw.dynamite.com.au>
> To: samba at anu.edu.au
> Subject: Re: Virus Scan
> Message-ID: <199811201311.AAA20820 at ajd.gw.dynamite.com.au>
>
> From: Sandro Dentella <Sandro.Dentella at mi.infn.it>
> >
> > Hello Listers,
> >
> > does anyone know about virus scanners working on Unix hosts but
> > scanning for all those bad vermin from the M$ world.
> > Best solution (for me) would be a tight coupling with samba,
> > monitoring the I/O as some PC scanners do.
> >
> > Any suggestions?
>
> For Solaris my customer uses VirusWall from Trend Micro as part of their
> Proxy
> and Mail Scanning. It runs a regular scan of the scanning hosts disks as
> well.
>
> http://www.antivirus.com/
>
> Regards
>
> --
> Anthony David | Save Ferris
> Anthony David & Associates | Free Truman
> http://adavid.netinfo.net/ | Redeem Londo
>
> ------------------------------
>
> Date: Sat, 21 Nov 1998 00:24:54 +1100
> From: Anthony David <adavid at ajd.gw.dynamite.com.au>
> To: chenriq at homeshopping.com.br
> Cc: samba at samba.anu.edu.au
> Subject: Re: User verification problem using password = server [2.0.0beta1
> ]
> Message-ID: <199811201324.AAA20825 at ajd.gw.dynamite.com.au>
>
> Date: Thu, 19 Nov 1998 22:55:33 -0200
> From: Carlos Henrique <chenriq at homeshopping.com.br>
>
> >David.Anthony (David.Anthony at comcare.gov.au) wrote:
> >> Greetings
> >
> >> Having fun with Samba 2.0beta1 and security = server
> >> Is there something missing in my config?
> >
> >Hi,
> >
> >Was your samba server included in NT PDC DOM?
>
> That has never been a specific requirement in the past.
>
> >
> >Cheers.
>
> I received a private mail from the Samba team suggesting I remove
> the domain (DNS) name from the password server and keep the
> NetBIOS name only. The problem went away. We will see what happens
> in the next Samba release.
>
> Regards
>
> --
> Anthony David | Save Ferris
> Anthony David & Associates | Free Truman
> http://adavid.netinfo.net/ | Redeem Londo
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 14:51:11 +0100
> From: =?ISO-8859-1?Q?J=FCrgen?= =?ISO-8859-1?Q?L=F6b?= <cip-jl at physik.uni-
> paderborn.de>
> To: samba at samba.anu.edu.au
> Subject: Nt-Client am Linux-Server
> Message-ID: <365573CF.28AF at physik.uni-paderborn.de>
>
> Hallo,
> I suppose thai I am right here, well, does anyone know if it is
> possible, to configure a linux server so, that the login data for Win NT
> - clients is stored on it. So that it can used instead of an Windows
> NT-Domain-Server. And how is this possibple?
>
> please mailto: cip-jl at physik.uni-paderborn.de , because I am not
> subscribed into this mailing-list.
>
> THANKS!!!!!
>
> cu
>
> Jürgen Löb
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 08:33:08 -0600
> From: Robert <robert at mhi-tx.com>
> To: samba at samba.anu.edu.au
> Subject: Browsing
> Message-ID: <36557DA3.3E42 at mhi-tx.com>
>
> hello,
> I was wondering if anyone has had the same problem I have or if anyone
> knows what is going wrong.
> I have 1.9.18p10 and everything is working fine exept the browsing..hold
> on dont stop reading just yet. I know there is tons of docs on browsing
> and problems with it, but this seems to be different than anything in
> the docs..
> The samba server doesn't show up in a regular browse list but if I use
> "find computer" it shows up no problem.
>
> I have Advanced File and Print Server on an SCO box that is acting as
> the PDC (I believe my problem lies here) and in the log.nmb I get a
> message "process_lanman_packet: on subnet 192.168.1.8 ignoring browse
> packet command code 4 from MHI#00600<20> IP 192.168.1.2 to AFPS<00>"
> where .8 is the samba server and MHI is the SCO box and AFPS is the
> domain name.
>
> If anyone has any suggestions or even tell me I am stupid and where to
> look in the docs, It would be greatly appreciated. I am trying to show
> everyone that this little pile of free software can outperform Novell
> and then some. :)
>
> thanks
> Robert
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 09:59:41 -0500
> From: Sol Gongola <sol at mail.adldata.com>
> To: samba at samba.anu.edu.au
> Subject: samba 2 swat user id and password
> Message-ID: <365583DD.623B at mail.adldata.com>
>
> Connecting from swat on a w95 pc web browser (netscape)
> to samba 2beta1 on aix 4.3.1, I tried using root and
> several other user id/passwords but the only that accepted
> was the user id associated with my PC logon ID.
>
> How is the required user id and password decided for connecting
> to the samba server
> --
> Sol Gongola (sol at adldata.com)
> ADL Data Systems Inc
> 20 livingstone ave
> Dobbs Ferry, NY 10522
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 10:41:38 -0500
> From: "Noll, Michael" <mnoll at eds.com>
> To: "'samba at listproc.anu.edu.au'" <samba at anu.edu.au>
> Subject: Samba Information.
> Message-ID: <1BB1608E616BD111AC6100A02462121274FEFF at usahm015.exmi01.exch.e
> ds.com>
>
> I am an analyst for a large corporation and am interested in using Samba
> in
> a project for mine. I need one piece of the puzzle answered for me
> though.
> Can anyone tell me what is the maximum size of a file system can Samba
> see.
> I'm talking in Terabytes. If anyone could answer this for me, I'd truly
> appreciate it. Could you send any responses to mnoll at eds.com.
>
> Thanks,
>
> Michael A. Noll
> EDS/DMS
> 248-265-7671
> mnoll at eds.com
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 09:20:22 -0800
> From: "Chad Thunberg" <chadth at atvideo.com>
> To: <samba at samba.anu.edu.au>
> Subject: Freebsd + NT
> Message-ID: <000c01be14aa$0dc76600$ef2376cc at chadth.atvideo.com>
>
> I am currently integrating Freebsd in a predominately NT network. I am
> interested in using NT as a domain controller then using samba on the
> other
> servers. I know that samba supports this and you can set security =
> server,
> but what I am also interested in is using the password list for the
> passwd
> file as well. So in theory I would like to download the NT user and
> pass
> list much like NT's bdc (backup domain controller) does. This may not
> be
> the correct mailing list to seek help on this subject but I thought it
> would
> be a start. Any information would be helpful
>
> Thanks,
> Chad Thunberg
>
> "For the first time in my life I was reading things which had not been
> approved by the Prophet's censors, and the impact on my mind was
> devastating. Sometimes I would glance over my shoulder to see who was
> watching me, frightened in spite of myself. I began to sense faintly
> that
> secrecy is the keystone of all tyranny."
> -Revolt in 2100
>
>
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 18:30:48 +0100
> From: Christian Perrier <perrier at onera.fr>
> To: Multiple recipients of list <samba at samba.anu.edu.au>
> Subject: Re: Virus Scanner
> Message-ID: <19981120183048.A1794 at mykerinos.kheops.frmug.org>
>
> Quoting Hammond, Justin (Justin_Hammond at NAI.com):
> > Hi,
> > Network associates sell Netshield for Linux, and other Un*x's that does
> just
> > what you are after.
> > it can be setup to scan only public directories for both Word/Excel
> virus's
> > and the more common exe/com virus's
> >
> > The problem is that I am pretty sure its discontinued product, but you
> might
> > be able to find a copy around somewhere
>
> It's not really a discontinued product, afaik. It is still on NAI
> Product
> List and DAT files are monthly updated.
>
> The problem is : how can one achieve a behaviour similar to NAI Netshield
> on
> Windoze NT server where all accessed files are scanned as soon as they
> are
> accessed.
>
> Netshield for Linux does just virus scanning on demand. But maybe some
> sophisticated setup would do the job...
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 16:29:54 -0500 (EST)
> From: Todd Pfaff <todd at edge.cis.McMaster.CA>
> To: samba at samba.anu.edu.au, samba-technical at samba.anu.edu.au
> Subject: Re: password change problem
> Message-ID: <Pine.GSO.3.96.981120153431.14301X-100000 at edge>
>
> I posted my original question below to the samba-ntdom list but it seems
> to be the wrong place to be discussing this problem so I'm moving my
> follow-up to these lists.
>
> Background...I used to be using smbpasswd and the "unix password sync",
> "password chat", and "password program" settings to keep my smb passwords
> and unix passwords in sync. This was working well in an earlier release
> of 1.9.18 but one of the messages below indicates that this broke in
> 1.9.18p10. I didn't notice it was broken until recently when I started
> using 2.0.0beta1 and so I thought that it was broken only in the 2.0.0
> samba domain control code.
>
> I wrote:
>
> > I'm using samba-2.0.0beta1.
> >
> > When trying to change a password as a non-root user with smbpasswd I
> get
> > the following message from smbpasswd:
> >
> > machine 127.0.0.1 rejected the password change: Error was : The
> specified
> > password is invalid.
> >
> > and the following message in log.smb:
> >
> > [1998/11/20 14:36:49, 0] smbd/chgpasswd.c:check_oem_password(684)
> > check_oem_password: incorrect password length (1780921600).
> >
> > Whoa! I didn't type that many characters in my password! :-)
> >
> > Is this a known problem? Is there a fix in a later alpha?
>
>
> Replies and my responses below...
>
> On Fri, 20 Nov 1998, Douglas K. Fischer wrote:
>
> > I've run across the same problem in 1.9.18p10 (see postings to
> > samba-technical and main samba lists). I'm still trying to figure out
> > exactly what's happening here but it seems that either the client is
> > passing a bad data string into SamOEMhash or something wierd is
> happening
> > inside of SamOEMhash. Of course, it could be something else entirely, I
> am
> > far from a Samba guru...
> >
> > Douglas
> >
> > ----------------------------------------------------------------------
> > Douglas K. Fischer DFischer at Bridgewater.EDU (540) 828 - 5343
> > Network Systems Engineer C. E. Shull Information Technology Center
> > College Box 36 Bridgewater College Bridgewater, VA 22812
> > ----------------------------------------------------------------------
>
>
> On Fri, 20 Nov 1998, Carlos Henrique wrote:
>
> >
> > Have you "unix password sync = yes" in smb.conf file?
>
> Yes. In fact, the unix password change is working fine but then the smb
> password change fails, which means my unix and smb passwords are getting
> out of sync, which is what "unix password sync" is supposed to avoid.
>
> > Have you any limit for unix passwords?
>
> Only the standard Solaris 2.5 password defaults which impose a minimum
> password limit of 6 characters. But this isn't the problem since, as I
> said, the unix password change (via the password chat) is working fine.
>
> > If the answer is yes for these questions, it's the problem.
> > Else... I don't know...(I have similar problem).
>
> Thanks for the replies.
>
> --
> Todd Pfaff \ Email: pfaff at mcmaster.ca
> Computing and Information Services \ Voice: (905) 525-9140 x22920
> ABB 132 \ FAX: (905) 528-3773
> McMaster University \
> Hamilton, Ontario, Canada L8S 4M1 \
>
>
>
>
>
>
>
>
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 17:27:40 -0700
> From: "Karl Bolingbroke" <karl.bolingbroke at flyingj.com>
> To: samba at samba.anu.edu.au
> Subject: Compile error 2.0.0beta1
> Message-ID: <3.0.6.32.19981120172740.009242d0 at mail.flyingj.com>
>
> Hi,
> I'm having trouble compiling version 2.0.0beta1. The compile aborts
> with
> the following error:
> ------------------------------------
> Using LIBS = -lreadline -ldl -lcrypt -lpam
> Compiling smbd/server.c
> Compiling smbd/files.c
> /tmp/cca14570.s: Assembler messages:
> /tmp/cca14570.s:2505: Error: Can't emit reloc {- *UND*-seg symbol
> "file_find_li_
> next"} @ file address 21056.
> make: *** [smbd/files.o] Error 1
> -------------------------------------
> The machine is an HP Pentium 90. It is running RedHat 5.2. The Linux
> kernel is version 2.0.36. The gcc package is 2.7.2.3-14.
>
> Can anyone help me with this? My background is primarily networking, so
> the C error messages don't mean much to me. Thanks for anything you can
> do.
>
> Karl
>
>
> ------------------------
> Karl Bolingbroke
> Flying J Inc.
> 435-734-6404
> ------------------------
>
> ------------------------------
>
> Date: Fri, 20 Nov 1998 21:40:34 -0800 (PST)
> From: Michael <michael at bizsystems.com>
> To: samba at samba.anu.edu.au
> Subject: samba 2.0 beta and shadow passwords
> Message-ID: <Pine.LNX.3.91.981120213850.11647A-100000 at pandora.is.bizsystem
> s.com>
>
> So.... does configure figure out the necessary stuff for Linux shadow
> passwords or does it have to be done by hand??
>
> If so, for the 'C' challenged, what exactly does one have to do.
>
>
> Thanks
> Michael
>
> ------------------------------
>
> End of SAMBA Digest 1883
> ************************
More information about the samba
mailing list