[Samba] kerberos authentication question (NIS accounts)
brounb at adi-limited.com
Thu May 12 00:01:30 GMT 2005
We currently have:
Samba 2.2.8 on Solaris 8.
User and group information comes from NIS.
Authenication is against an Active Directory in hybrid mode using
security = SERVER
workgroup = DOMAINNAME
password server = AD_DC
A very simple set up from long ago.
Now the active directory needs to go into native mode. This will break this
style of authentication.
The windows user names and the NIS usernames are the same. The NIS groups
and the Active directory groups are not similar.
The real fix is to make samba a member of the active directory and get all
user and group infomation from this directory. This would require restting
the permissions on all files. We intend to do this but it would take some
Im looking for a quicker way to let the active directory go into native
mode. Im thinking of samba still using the unix usernames and groups but
passing authentication to the AD domain controllers similar to how it is
Thanks in advance.
More information about the samba