[Samba] Samba BDC and secrets.tdb question

Raj Saxena rajan at ipisland.com
Fri Mar 14 17:06:29 GMT 2003


Robert,
      There is a doc on the samba.org site that allows you to setup a bdc
and it uses rsync via a ssh connection between both the samba pdc and the
samba bdc.  I am going to implement this soon as I need a bdc in a remote
location. Hope this helps.


Raj

-----Original Message-----
From: samba-bounces+rajan=ipisland.com at lists.samba.org
[mailto:samba-bounces+rajan=ipisland.com at lists.samba.org]On Behalf Of
Robert Styma
Sent: Thursday, March 13, 2003 6:59 AM
To: samba at lists.samba.org
Subject: [Samba] Samba BDC and secrets.tdb question



I have a question about setting up a samba BDC
(with a samba PDC).

I am running Samba as the PDC on a small network.
Other Unix boxes on the network are running
with:
        security = DOMAIN
        encrypt passwords = Yes
        update encrypted = Yes
        password server = 192.168.1.5

So they make use of the PDC for smbmount and smbsh
applications.  The W2K box also uses Samba at the PDC.

I want to set up a Redhat 8 box as a BDC.
smbpasswd -S
got the machine ID informationa across to the secrets.tbd per
the BDC howto.  Later it the document, it says I have to blindly
copy the secrets.tbd from the PDC to the BDC.  It also says I have
to change from "security = DOMAIN" to "security = USER"

This appears to indicate that the BDC will now use it's own authentication
information rather than defering to the PDC.
1.  Is this true?

2.  Blindly copying the secrets.tbd across seems a dangerous idea.
    Is there an equivalent to smbpasswd -S which just copies across
    the relevant data.?

3.  If not, is it really safe to copy secrets.tbd from the PDC to the BDC?
    I do not want to foul things up trying to get the BDC to work.
    I am not ready to try switching to LDAP, although I will do this if it
is
    the only way.

Thanks for any help.



--
Robert E. Styma
Principal Engineer
AG Communication Systems, Phoenix - A subsidiary of Lucent
Email: stymar at agcs.com
Phone: 623-582-7323
FAX:   623-581-4884
Company:  http://www.agcs.com
Personal: http://www.swlink.net/~styma
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.461 / Virus Database: 260 - Release Date: 3/10/2003

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.461 / Virus Database: 260 - Release Date: 3/10/2003




More information about the samba mailing list