Samba/HP-UX question.
Andrew Bartlett
abartlet at pcug.org.au
Thu Jan 17 04:20:03 GMT 2002
"Ladner, Eric (Eric.Ladner)" wrote:
>
> Couple of questinos.. I've poked around the web a bit and the Samba
> documentation and haven't really found a good answer.
>
> Given an HP-UX 11.0 system and the latest 2.X Samba distro, here's what I'm
> trying to do:
>
> Use Samba (possibly with winbind?) functionality to allow authentication via
> a NT PDC.
>
> The problem I'm having visualizing is how that authentication happens. At
> the system level, all of these things go through getpwent (or the
> secure/shadow version of that call). How exaclty can that call be hijacked
> by Samba and redirected to an NT domain for authentication?
Winbind simply disables all passwords in this case.
> The basic problem is that we have an application (call it X) that requires a
> LOT of users and concequently a LOT of password changes, corporate IT
> password standards that the application dosn't support, etc.. It's messy.
>
> What we'd like to see is that the username/password that the user types in
> to the application interface is authenticated via a PDC rather than the
> /etc/passwd file.
>
> This application does NOT use PAM. This I think has been my roadblock up to
> now.
And so it shal remain. If you have the sources for the app you could
use the winbind interface directly, without going via PAM.
> Does the getpwent code have flexibility? I.e. can something be put in
> resolv.conf to allow for alternate resolution for passwords? Did I miss a
> document somewhere?
What you propose (somehow putting a crypt-compatible password in a
getent return isn't possible.
> Sorry for the rambling email, but I'm not sure where to start at the moment.
BTW, does winbind support HP-UX yet?
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list