[Samba] does SECURITY=ADS fall back to the smbpasswd file?
Gerald (Jerry) Carter
jerry at samba.org
Tue Oct 19 11:13:01 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim wrote:
| Hi Samba List,
|
| I'm trying to upgrade from Samba 2.2.11 to 3.0.7. I'm
| using the SECURITY = ADS option and I have the winbind
| stuff working fine. I have joined the windows domain and
| authenticate my NT users perfectly.
|
| However, some of my users don't have NT accounts, so they access
| their samba share using local accounts in the smbpasswd file. Samba
| 2.2 (with SECURITY = DOMAIN) used to fall back to the smbpasswd file
| after trying to authenticate the user from the PDC and this was
| exactly how we wanted it.
|
| But my Samba 3 doesn't do this. Is it supposed to? Or do i have
| to turn this function on with some configuration option that I have
| missed?
Each auth method (winbind, sam, etc...) is associated
with a domain. For example, the local machine domain
or the domain to which the server is joined. Once an
auth method reports NT_STATUS_LOGON_FAILURE, no other
auth method will be tried.
So the short answer is no, smbd will not fall back to
smbpasswd in Samba 3.
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBdPa9IR7qMdg1EfYRAkOmAJ4u0X6WUafY+DaJI/EwXiWnDvYwZwCeMj/I
AX/NsHf07D2pmU+UYfWZhP0=
=yH+P
-----END PGP SIGNATURE-----
More information about the samba
mailing list