[Samba] Domain question

Gerald (Jerry) Carter jerry at samba.org
Fri Apr 5 06:38:02 GMT 2002

On Tue, 2 Apr 2002 Douglas.Shaw at pb.com wrote:

> I have a question about Samba's interaction with the PDC and SAM
> database on the windows domain. There are some in my company who say
> that Samba must read and write to the SAM databse in order to
> authenticate a user. This, according to them, poses a security risk in
> that a UNIX user could obtain tools to gain access to the SAM, retrieve
> all passwords and potentially corrupt the database. My question is
> simple, is this true and is there a way to ease their concerns?

Samba requires the same level of privildge provided to any other
member of the Windows domain.  In other words, for "security = 
domain", smbd needs a machine trust account in the domain
(just like NT) so that it can communicate with the PDC.

The level of risk Samba poses in this situation can be compared
to the same level of risk if someone where to gain
local administrative access to a NT box that was a member of the same

Either way you could gain the password hash of the machine trust
account and impersonate the domain member.

cheers, jerry
 Hewlett-Packard                                     http://www.hp.com
 SAMBA Team                                       http://www.samba.org
 --                                            http://www.plainjoe.org
 "Sam's Teach Yourself Samba in 24 Hours" 2ed.      ISBN 0-672-32269-2
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

More information about the samba mailing list