Samba vs PAM (authentication against NDS)

Peter Samuelson peter at
Tue Mar 21 03:18:00 GMT 2000

[Marek Les]
> Hmm.. I am not sure about this, maybe you can explain it to me.. if I
> have a Novell Client installed in Windows 95 (with password
> encrypting enabled) and I log in the Novell Server through NDS I
> don't send any LanManger hashed password, don't I ?

When you do that, you are not using SMB, you are using Novell's
protocol, probably over IPX/SPX.  A completely different animal, and
something Samba is not designed to do.  That's why, at the Windows end,
you need a separate "Novell client" rather than just using the "client
for Microsoft networks".

There does exist Novell-compatible file server software for
Linux/Unix.  I don't have any idea if it supports pass-through
authentication to a directory server.

> Well I managed to get NDS authenticating working _locally_ .. That 
> means I can login via smbclient from the same computer using the 
> password in NDS. However I fail to do even 'net view \\server' from 
> Windows, I'm getting Error 86 : Wrong password..

You mean you can get NDS authentication even with "encryption = yes"?
I would expect this to only work if you set "encryption = no".  In
which case you also need to apply the registry hack to your Windoze

> I don't get the point right now.. well, the goal of all this is to
> have all the accounts handled _globaly_ , easily and comfortably from
> the Novell NDS, which has a really very nice way of handling such
> things. What's the problem of changing the password in NDS?

OK, as long as the Samba server is not involved in the password change
operation, it should work fine.


More information about the samba mailing list