[Samba] 'multi-layered' authentication
Andrew Bartlett
abartlet at samba.org
Thu Jan 29 21:29:13 GMT 2004
On Thu, 2004-01-29 at 08:08, webster at lexmark.com wrote:
> Thanks for the reply.
>
> Sorry if I've not been clear on my requirements.
> For a given list of IP subnets, I need to allow everyone access.
Allow them access as themselves, without passwords, as guest, without
passwords?
Simple application of 'guest ok' and 'hosts allow' should fix that.
> Outside this list, I need to do user authentication.
> Many of these clients are WinXP (& 2K), which requires using
> encrypted passwords.
> Ideally, I would authenticate against a 'corporate' LDAP server.
>
> No one is using a 'common' (with other apps) LDAP server to do
> encrypted Samba authentication?
You cannot do 'ldap authentication' in the way many other applications
have done it in the past.
> What are my practical choices for doing encrypted Samba
> authentication against? 1) smbpasswd, & 2) a Windows domain ?
1) A Samba passdb backend (can store smbpasswd values in LDAP)
or
2) A windows domain
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040130/ce18d1c7/attachment.bin
More information about the samba
mailing list