Coming back to samba - questions on new technology
Yan Seiner
yan at cardinalengineering.com
Fri Jan 11 05:35:04 GMT 2002
Thanks for the answer. I am trying to avoid NFS.
I have no *nix clients on my network. In fact, I disallow logins for
all of my users. I have configured all services they need (like POP) to
use pam_smb_auth to use the samba server for its authentication. Like so:
auth sufficient /lib/security/pam_smb_auth.so
auth sufficient /lib/security/pam_unix.so likeauth nullok md5
shadow
As all user access is through samba. That's why I am looking at
winbind. I may need to read the list archives a little more; that's
where I first got the idea.
I figure if I stay consistent w/ samba, I won't have password sync
issues between *nix, windows, and servers.
--Yan
Christian Barth wrote:
>
>
>>winbind - Am I correct in assuming that if I have one samba box that
>>serves as the domain controller, a second samba box running winbind does
>>not need to have the user database on it, but instead get its uses from
>>the samba PDC? This would help me solve a bad situation I am about to
>>get into.
>>
>You don't need winbind to achive this between Samba-Servers: Put them
>all in NIS (witch is a good idea for all your unix services (nfs?!),
>make the pdc nis-master and set the outher samba servers to security
>= server or domain. Works with 1.19p10 ....
>
>winbind is to get user and passwords form an NT PDC. To get only the
>passwords there are things like pam_smb or so.
>
>If you use winbind: I have read on this list, that currently winbind
>can not ensure that the same user gets the same uid on all unix
>machines. which is needed for nfs.
>
>Christian
>
> _(_)_ wWWWw _
> @@@@ (_)@(_) vVVVv _ @@@@ (___) _(_)_
> @@()@@ wWWWw (_)\ (___) _(_)_ @@()@@ Y (_)@(_)
> @@@@ (___) `|/ Y (_)@(_) @@@@ \|/ (_)\
> / Y \| \|/ /(_) \| |/ |
> \ | \ |/ | / \ | / \|/ |/ \| \|/
>jgs|// \\|/// \\\|//\\\|/// \|/// \\\|// \\|// \\\|//
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
More information about the samba
mailing list