[Samba] Newbie Authentication Questions

Bill Robinson samba at oozy.ws
Wed Oct 8 23:08:41 GMT 2003

A couple questions about how authentication works in Samba:

-Is there a way to authenticate to a Samba PDC that does not require machine 
and (domain) user accounts to be in the /etc/passwd file (- a way other then 

-A follow up to that - is what is the purpose of requiring machines/users in 
both the /etc/passwd file and the smbpasswd file? - i read something about 
needing to resolve the machines/users but not a full explaination.  To me it 
seems that if I'm authenticating against Samba that's all it should need to 
do - it's not like it's converting the NTLM hash to crypt or something right? 
(since i can have different UNIX/Samba passwds)

Basically the problem I'm trying to solve is to create an NT 4-style domain w/ 
Samba, but not creating UNIX accounts on the PDC machine for the Windows 
domain users.  I only need Windows machines to authenticate to this domain.   

If there's a way to fake out Samba and point it to another file 
besides /etc/passwd that would work I think....just a thought.  I've also 
thought of AD/Kerberos but that is not an option either in this environment.

I've googled a bit for anything on the /etc/passwd issue but didn't turn 
anything up, other then using LDAP or NIS (which aren't options) and I didn't 
really see anything in the Samba docs - so any pointers in the right direction 
would be appreciated.  I've also looked into the PCNetlink, but that does not 
seem to be well supported.

This is for Samba 3.0 running as a NT4-style PDC on Solaris 2.8.



This mail sent through IMP: http://horde.org/imp/

More information about the samba mailing list