[Samba] Newbie Authentication Questions
John H Terpstra
jht at samba.org
Thu Oct 9 01:24:29 GMT 2003
On Wed, 8 Oct 2003, Bill Robinson wrote:
> A couple questions about how authentication works in Samba:
> -Is there a way to authenticate to a Samba PDC that does not require machine
> and (domain) user accounts to be in the /etc/passwd file (- a way other then
> LDAP or NIS)?
> -A follow up to that - is what is the purpose of requiring machines/users in
> both the /etc/passwd file and the smbpasswd file? - i read something about
> needing to resolve the machines/users but not a full explaination. To me it
> seems that if I'm authenticating against Samba that's all it should need to
> do - it's not like it's converting the NTLM hash to crypt or something right?
> (since i can have different UNIX/Samba passwds)
> Basically the problem I'm trying to solve is to create an NT 4-style domain w/
> Samba, but not creating UNIX accounts on the PDC machine for the Windows
> domain users. I only need Windows machines to authenticate to this domain.
> If there's a way to fake out Samba and point it to another file
> besides /etc/passwd that would work I think....just a thought. I've also
> thought of AD/Kerberos but that is not an option either in this environment.
> I've googled a bit for anything on the /etc/passwd issue but didn't turn
> anything up, other then using LDAP or NIS (which aren't options) and I didn't
> really see anything in the Samba docs - so any pointers in the right direction
> would be appreciated. I've also looked into the PCNetlink, but that does not
> seem to be well supported.
> This is for Samba 3.0 running as a NT4-style PDC on Solaris 2.8.
Have you looked at the Samba-HOWTO-Collection.pdf that ships with
The chapter "Account Information Databases" answers your questions. Please
let me know specifically what has not been well enough explained. What
needs to be better documented?
- John T.
John H Terpstra
Email: jht at samba.org
More information about the samba