how do I not use smbpasswd?
Fisher, Derek
derek.fisher at epi.epson.com
Thu Jul 15 18:42:58 GMT 1999
All,
I am in a mixed NT/UNIX/Novell environment and got the buy-off to
go full SAMBA for our corporate fileserver (400 clients, 95 and NT).
I got a few Sun UE450s and A5100 arrays and am going to cluster
them with Veritas. I have samba working with home directories for
all clients, but had to dump the passwords from the PDC into the
smbpasswd file in order to do it. Sometimes it takes an awful long
time to connect...up to three minutes or more. That's how long it
takes to just log the connection in the log.%m file. When it finally
connects, everything gets written to the log but nothing before then,
just waiting. Password level is 0.
Everyone in the company has a UNIX account in NIS already, the
same username as their NT and Novell account. No one has
access to a shell prompt, the DB front end (QAD MFG/PRO) is
their shell. All current traffic is telnet. Of course, their UIDs and
RIDs don't match at all.
But why should they? If the usernames match, why should I care
about UIDs? Also, everytime I see the samba team talking about
NIS they (you) start talking about /etc/passwd and local accounts.
The whole idea of NIS is to not have a local account. Am I to
assume that these things are interchangeable? That having an
account in /etc/passwd is the same thing as having it in NIS? The
samba server is only a NIS client and will stay that way, so I don't
wanna put anything in /etc/passwd. If so, does it make sense for
the password change program be changed from /bin/passwd to
yppasswd?
Security = domain. If I switched it to security = user and renamed
the smbpasswd file and restarted smbd, it still tried to look in the
smbpasswd file and wouldn't authenticate the client (after three
minutes, of course)...why? I thought user didn't require smbpasswd.
Eventually, we are putting in NDS8, which has native LDAP support.
I had planned on putting NDS on NT and Solaris to tie everything
together. How far along is LDAP and samba? I couldn't get samba
2.0.4b to compile on Solaris 2.6 --with-ldap or --with-automount
(gcc 2.8.1). How long until it's ready for prime-time? How about
full NDS auth for samba?
Security = domain. If I switched it to security = user and renamed
the smbpasswd file and restarted smbd, it still tried to look in the
smbpasswd file and wouldn't authenticate the client...why? I
thought user didn't require smbpasswd.
What do I have to do to push authentication off solely to the DCs,
which are NT? Passwords will be synchronized with either NDS or
NetLinkPC at some point, but until then all I care about is users
being able to map their home dir (and only theirs) based on their
username and passwd authenticated by the PDC (which is NT)
without having to look to the smbpasswd file. A PAM, maybe?
Also, has anyone tried Project Cascade/NetLinkPC yet? Any
comparisons to samba? I had wanted to use that for my DCs.
I want to put the NT servers back on the desktops where they
belong. Little stinky compaqs are littering our server room (and
seem to be multiplying...yeesh).
Thanks for your time,
Derek Fisher
UNIX Administrator
Epson Portland Inc
derek.fisher at epi.epson.com
More information about the samba
mailing list