advice on samba configuring

[Alexander Lazarevich]

Hi,

I emailing to get some advice on what the best configuration for a new 
samba box within our network should be. As I am having trouble getting it
going on my own, I'm hoping to get some solid advice.

Currently we have a network with the following machines (less than 150
machines in total): 
1) Windows (NT4.0) clients, Unix clients, Mac clients.
2) Windows NT 4.0 server as the Primary Domain Controller for our Domain,
as well as the password server for our samba box.
4) AIX (4.3.3) file server, running samba 2.0.x (pointing to our NT PDC),
ethershare (for the Mac's, planning on switching to DAVE), and runs as our
only NIS server.

Currently, we use a program called 'WinDD NIS' on our Windows NT clients.
WinDD NIS creates a connection (fake domain) between our AIX NIS server
and our Window NT PDC and allows any user that has just been added to the
NIS sever to logon to our network and become recognized by our Windows NT
PDC.

As we are upgrading to Windows 2K, we discovered that WinDD NIS does not
run with Windows 2K. And even if it did, we are moving towards this
sollution:

We prefer to create a new PDC Server, running Linux 7.1 and Samba 2.2.2.
I have already set this machine up and have gotten samba to work, and i
can logon to the new domian with NT and 2K clients. Right now all
smbpasswd passwd accounts are added locally to this machine.

However, my next task is to get samba to work with NIS, as we have our
users all stored within an NIS sever, and would like to continue to do so.
Our current AIX NIS sever is running NIS, but I am open to getting NIS
service running on the same machine as samba. 

Some questions I have are:

1) does NIS or NIS+ use encrypted passwords? We need NIS or NIS+ to use
encrypted passwords because samba as a PDC must use encrypted passwords.
IF NIS or NIS+ does not use encrypted passwords, is there a fix around
this problem?

2) How do I get my new samba server to "read" the passwords list from the
NIS server? In my smb.conf file I have the following lines (I've
commented out the actual server names):
password server = NISserver.x.x.x
nishomedir = yes
security = server
Adding these lines does not work, my samba server is still reading
the local smbpasswd file. Do I have to rebuild the samba binaries adding
support for NIS or NIS+?

Any help is greatly appreciated. Thanks,

Alex
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Alex Lazarevich
Systems Administrator
Imaging Technology Group, http://www.itg.uiuc.edu
Beckman Institute, http://www.beckman.uiuc.edu
405 N. Mathews, Urbana IL  61801  USA
Ph: (217)244-1565 e-mail: alazarev at itg.uiuc.edu
_________________________________________________