[Samba] kerberos authentication question (NIS accounts)

Broun, Bevan brounb at adi-limited.com
Thu May 12 00:01:30 GMT 2005

Hi all

We currently have:

Samba 2.2.8 on Solaris 8.
User and group information comes from NIS.
Authenication is against an Active Directory in hybrid mode using

    security = SERVER
    workgroup = DOMAINNAME
    password server = AD_DC

A very simple set up from long ago.

Now the active directory needs to go into native mode. This will break this
style of authentication. 

The windows user names and the NIS usernames are the same. The NIS groups
and the Active directory groups are not similar.

The real fix is to make samba a member of the active directory and get all
user and group infomation from this directory. This would require restting
the permissions on all files. We intend to do this but it would take some

Im looking for a quicker way to let the active directory go into native
mode. Im thinking of samba still using the unix usernames and groups but
passing authentication to the AD domain controllers similar to how it is

Thanks in advance.


More information about the samba mailing list