[Samba] Linux Client

Buchan Milne bgmilne at cae.co.za
Thu Jul 18 07:09:03 GMT 2002 

> Message: 9
> From: Sylvestre Taburet <sylvestre.taburet at free.fr>
> Reply-To: sylvestre.taburet at free.fr
> Organization: @telier
> To: Joel Hammer <Joel at HammersHome.com>,
> 	=?iso-8859-1?q?Fr=E9d=E9ric=20SCHWIEN?= <fred at igtech.fr>,
> 	samba at lists.samba.org
> Subject: Re: [Samba] Linux Client
> Date: Wed, 17 Jul 2002 23:23:25 +0200
> 
> Le Mercredi 17 Juillet 2002 23:13, Joel Hammer a écrit :
[...]
 >
 >> I have not seen any replies, so, I'll ask. What are your trying to do?
 >> Your question isn't clear, at least to me.
 >> Joel
 >>
>> On Wed, Jul 17, 2002 at 10:08:46PM +0200, Frédéric SCHWIEN wrote:
> 
>> > Hi,
>> >
>> > I am just wondering : is there a way to get a Linux Station display a
>> > Microsoft like login screen
>> >  (ie: login/password/network) on a microsoft like network hosted on a
>> > samba server?
>> >
>> > If yes, what soft or configuration could I use?
>> >
>> > I know it is a bit off topic, but I guess some people on this list might
>> > have search that.
>> >
>> > Best regards,
>> >
>> > fred
> 
> 
> If you're trying to logon to a windows NT domain using a linux wks, yes this 
> is possible using winbind.
> 
> You can also mount the windows home dir of the domain user on the linux wks 
> using pam_mount, but because smbfs won't support creation of specific files, 
> like fifos and sockets, you won't be able to open a KDE session in the 
> smbmounted home dir.
> 
> Because the domain has to be set-up before you can logon to it (the wks must 
> be member of the NT domain), you won't be able to change it anyway, so why 
> would you need it at logon time? Or maybe you need to hide your linux station 
> because you're in a very strict corporate environment ;o)?
> -- Sylvestre Taburet - 1024D/030E1B7E sylvestre.taburet at free.fr


Well, actually, if they have domain trusts, it should be possible to 
login to any of the trusted domains. But, you will have either login as 
DOMAIN+user or DOMAIN\user or something similar (depending on your 
winbind config).

But I don't know if there is a way to get a ?dm (xdm, gdm, kdm) to 
display a domain list, since there is no way that they can determine the 
domain list (AFAIK), and they could be configured to authenticate by 
LDAP or NIS or mysql also, and then what would one do?

I think there are still some missing bits in how pam works (compared to 
how Netware client32 or Windows work), although it is more flexible, it 
could be more scalable (like Netware, where you use your LDAP DN 
essentially) or user-friendly (choose domain).

I guess you could hack a ?dm to do this for you from a list of domains, 
or eventually maybe query winbind.

<plug>
Btw, for the easiest setup of winbind, you should istall Mandrake 8.2, 
since there are then 6 steps to getting this working:

1)# urpmi samba-winbind
2)Edit /etc/samba/smb.conf and configure winbind settings and workgroup
3)# smbpasswd -j <DOMAIN> -U administrator
4)# service winbind start
5)# cp /etc/pam.d/system-auth-winbind /etc/pam.d/system-auth
6)# mkdir /home/DOMAIN
</plug>

For more info (and some stuff regarding win2k server settings) see 
http://ranger.dnsalias.com/mandrake/muo/connect/csamba5.html#winbind

Buchan
-- 
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7

More information about the samba mailing list