[Samba] Trying to debug a WinXP - Win2000 ADSproblem..HELP!

Martyn Ranyard ranyardm at lineone.net
Wed Jul 31 07:49:10 GMT 2002

At 08:08 AM 7/31/02 -0600, Dan Vande More wrote:
>Right now I _believe_ that with server security, you are telling the samba 
>server to authenticate locally, where as domain tells the samba server to 
>check the requestors credentials against a pdc/bdc.

I'm afraid you believe wrong - security = server passes the request to a 
server, but it is not nice (TM).  _I_ believe on the technical side, it 
acts like a man-in-the-middle i.e. :

Client sends request to samba server,  Server mimics request to password 
Server accepts request, responds to samba server, which in turn copies this 
acknowledgement to client and marks the client as authenticated.

domain is much more of a relationship between the servers i.e. the samba 
server has an account on the PDC and authorises before passing info back 
and forth.


Hope this helps you understand more.  PLEASE see my sig.


Martyn Ranyard

I am not a member of the samba team,
and anything that I say may not be as
accurate as a response from one of the
team.  I reply to save those more
qualified time, which can more usefully
be spent developing SAMBA further.

More information about the samba mailing list