[Samba] does SECURITY=ADS fall back to the smbpasswd file?

Gerald (Jerry) Carter jerry at samba.org
Tue Oct 19 13:18:45 GMT 2004

Hash: SHA1

Tim wrote:
| Hi Jerry.
| Thanks for your response.
| Quoting "Gerald (Jerry) Carter" <jerry at samba.org>:
|>Each auth method (winbind, sam, etc...) is associated
|>with a domain.  For example, the local machine domain
|>or the domain to which the server is joined.  Once an
|>auth method reports NT_STATUS_LOGON_FAILURE, no other
|>auth method will be tried.
|>So the short answer is no, smbd will not fall back to
|>smbpasswd in Samba 3.
| So in that case, is there any way at all I can authenticate
| both sets of users I have with the same Samba host?
| i.e. The users who have NT accounts, and the users who
| don't (smbpasswd auth)

You can set

	auth methods = guest sam_ignoredomain winbind:ntdomain

in the [global] section of smb.conf.  However, if there is any
overlap in the usernames between local users and domain users,
the local user account takes precendence.

cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list