What is best setup for us?

Duncan Kinnear duncanwantsnomorespam at mccarthy.co.nz
Wed Mar 17 21:12:41 GMT 1999 

Hi folks!

We are currently using 1.9.16p11 on a DG/UX Intel Aviion machine.  We 
have about 15 client machines which are a mix of Windows 95 and NT4 
WS. Recently we have added an NT server for use by the development 
staff.

We want to move to version 2.x and centralise user authentication. I have 
read most of the documentation associated with v2.x, but I cannot decide 
what is the best setup for us.  Maybe someone can give me some 
opinions or at least some pros and cons.

At the moment, the Samba server has all the users defined as Unix users. 
Everyone also connects to the Unix host via telnet, to access text-based 
COBOL applications on that machine.  However, in this environment, it is 
a pain to change your password, because we have to do it on the client 
machine, the Unix host and optionally on the NT server (not running as 
PDC).  As a result, some people have not changed their passwords for 
several years!!

Now the best solution seems to be to run the Samba server as a PDC 
and change the clients to "Domain" clients.  Then, if the NT server is set 
up as BDC, everything would be sweet.  But everyone seems to be 
saying that the "security=domain" is *experimental* and should be 
avoided.

Another solution would be to use the NT server as a PDC and have the 
Samba machine set up as "security=server".  However, I would prefer to 
keep the users setup on the Unix host, because it regularily stays up for 
months at a time without crashing or rebooting (wish we could say the 
same for the NT machine!).

Also, how does password encryption fit into this?  Can this be done 
transparently to the user without on-going maintenance?  Again, the docs 
don't seem to be very clear on this.

Anyway, any comments are welcome.  If I get enough I might write up 
some sort of summary that could get added to the docs.

Thanks in advance.


Cheers,

Duncan Kinnear,
McCarthy and Associates,			Email:  duncan at McCarthy.co.nz
PO Box 764, McLean Towers,			Phone:  +64 6 834 3360
Shakespeare Road, Napier, New Zealand.		Fax:    +64 6 834 3369
-------------------------------------------------------------------------------
Providing Integrated Software to the Meat Processing Industry for over 10 years

More information about the samba mailing list