samba PDC with NIS, or other solution?

Christian Barth barth at cck.uni-kl.de
Fri Nov 9 11:01:09 GMT 2001 

> christian,
> 
> thanks much for your advice. it is very good.
> 
> as far as putting samba PDC on AIX, we want to avoid that. short
> answer is we found a solution to our ethershare/mac/aix problem. so
> now we are hoping to phase out AIX in our network, and replace it with
> linux.
> 
> so here's our plan: a samba 2.2.2 PDC also acting as the NIS master. i
> think i can do it in a few days, piece of cake. but there is still
> just one problem:
> 
> im still unclear as to how, or if, i can get the current /etc/passwd
> file from the current NIS master onto the new samba PDC (which will
> become the new NIS master). in one of your emails you mentioned
> something about a script that comes with the samba source that will
> create the smbpasswd from disabled accounts. what is this script
> called? is there an man/docs on it? will this script take an
> /etc/passwd file from an NIS master an create a smbpasswd file from
> it? that seems too good to be true...
I mean source/scripts/mksmbpasswd.sh
I takes a /etc/passwd on stdin and wirtes a smbpasswd file on stdout 
but all accounts in smbpasswd will be disabled because you can not 
create the encrypted passwords form /etc/passwd

Christian


> 
> if you have already explain this to me and i just didnt get it, i
> apologize.
> 
> thanks again,
> 
> alex
> ---                                   ---
>    Alex Lazarevich | Systems | Imaging Technology Group
>    alazarev at itg.uiuc.edu | (217)244-1565 | www.itg.uiuc.edu
> ---                                   ---
> 
> On Fri, 9 Nov 2001, Christian Barth wrote:
> 
> > alex,
> > 
> > please mail to the list as well: There are a couple of helpfull
> > people out there. (OK, forgot it may self with my first repley)
> > 
> >  
> > > is it possible to have the samba PDC be a NIS slave that syncs
> > > with an remote NIS master?
> > The samba pdc can be on the nis slave, but you may get problems with
> > the password sync. The reason for this is: If root changes a user
> > passwort on the nis slave with yppasswd the old password is needed
> > in clear text. But, when running with encrypted passwords, you don't
> > get the old password in clear text. If you run samba on a nis slave
> > and you want to keep the passwords in sync you need a lot of tricks,
> > may be rsync of files or so.
> > 
> > > i ask because we have nis master on an AIX machine that
> > > runs ethershare (for our macs) and to transfer the ethershare
> > > license to the linux samba PDC would cost a bundle of money. we'd
> > > like the samba PDC and NIS master to be different machines. is
> > > this scenareo possible as well?
> > Wy not run the samba pdc on the aix machine? The pdc has to do only
> > authentisation, no file shareing ecxept of [netlogon]. All file /
> > print sharing (including profiles) can be done on the linux box that
> > uses securtiy = server or security = domain in smb.conf. The
> > additional load on the aix machine should be very small.
> > 
> > 
> > > writing the scripts to sync the /etc/passwd and private/smbpasswd
> > > files is a little tricky for me. could you possibly send me some
> > > code or point me in a direction?
> > password sync is done within samba, see "passwd chat", "passwd
> > program" and "unix passwd sync" in my smb.conf. To add the useres to
> > /etc/passwd and private/smbpasswd i have just put useradd and
> > smbpasswd -a into a small skript. I delete them by hand because we
> > only have about 30 useres.
> > 
> > Christian
> >    @@@@       (_)@(_)   vVVVv     _     @@@@  (___) _(_)_
> >   @@()@@ wWWWw  (_)\    (___)   _(_)_  @@()@@   Y  (_)@(_)
> >    @@@@  (___)     `|/    Y    (_)@(_)  @@@@   \|/   (_)\
> >     /      Y       \|    \|/    /(_)    \|      |/      |
> >  \ |     \ |/       | / \ | /  \|/       |/    \|      \|/
> > jgs|//   \\|///  \\\|//\\\|/// \|///  \\\|//  \\|//  \\\|// 
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 


               _(_)_                          wWWWw   _
   @@@@       (_)@(_)   vVVVv     _     @@@@  (___) _(_)_
  @@()@@ wWWWw  (_)\    (___)   _(_)_  @@()@@   Y  (_)@(_)
   @@@@  (___)     `|/    Y    (_)@(_)  @@@@   \|/   (_)\
    /      Y       \|    \|/    /(_)    \|      |/      |
 \ |     \ |/       | / \ | /  \|/       |/    \|      \|/
jgs|//   \\|///  \\\|//\\\|/// \|///  \\\|//  \\|//  \\\|// 
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

More information about the samba mailing list