[Samba] Remote Authentication server

Tue Oct 25 04:38:33 GMT 2005

Hi all
I have two samba server and I would like to set up one of them as a central 
authentication server (server a) and the other one (server b) to send 
username/password requests to server a
I have followed the instruction on 
http://www.skippy.net/linux/2000/smb-howto.html
However it doesn't seem to function properly.
Has anyone been able to achieve remote authentication
What minimum version of samba do I need.
As server a has version 2.2.7a and server b has version 3.0.20

Does any one have an example smb.conf that I could use to cross reference
Here are the two smb.conf files on the two machines.

What should I be looking for in the log files/tcpdump output?
I know its not behaving how it should because if I change a password on the 
remote server and try and log in, I can only log in with the old password 
on the local server.

(server a)
[global]
workgroup = DOMAIN
netbios name = fangorn
server string = Main Server 001
hosts allow = x.x.x. 127.0.0. x.x.x.
printcap name = /etc/printcap
load printers = yes
printing = bsd
log file = /var/log/samba/log.%m
max log size = 50
security = user
encrypt passwords = yes
smb passwd file = /etc/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n 
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
remote browse sync = x.x.x.x
remote announce = x.x.x.x
local master = yes
os level = 64
domain master = yes
preferred master = yes
domain logons = yes
logon script = logon.bat
logon home = \\%L\%U\profile
logon path = \\%L\%U\profile
name resolve order = wins lmhosts bcast
wins support = yes
wins proxy = no
dns proxy = yes
preserve case = yes
short preserve case = yes
bind interfaces only = true
interfaces = x.x.x.x 127.0.0.1

(server b)
[global]
         log file = /var/log/samba/%m.log
         ;domain master = yes
         domain logons = yes
         encrypt passwords = yes
         logon home = \\%G\%U\.profiles
         netbios name = tachikoma
         logon script = logon.bat
         ;logon script = %U.bat
         unix password sync = yes
         local master = yes
         workgroup = domain
         logon path = \\%G\%U\.profiles
         os level = 33
         ;security = user
         preferred master = yes
         ;domain logons = yes
         passwd program = /usr/bin/passwd %u
         passwd chat = *New*password* %n\n *Retype*new*password* %n\n
         *passwd:*all*authentication*tokens*updated*successfully*
         add user script = /usr/sbin/useradd -d /dev/null -g 100 -s 
/bin/false -M %u

;for central passwords
         hosts allow = x.x.x. 127.0.0. x.x.x.
         domain master = no
         ;local master = no
         ;domain logons = no
         security = domain
         password server = fangorn
         remote browse sync = x.x.x.x
         remote announce = x.x.x.x
         name resolve order = wins lmhosts bcast
         wins support = yes
         wins proxy = yes
         ;wins server = x.x.x.x
         dns proxy = yes
         ;logon path = \\%G\%U\profile
         ;logon home = \\%G\%U\profile
         ;debug level = 10

Thanks for your time and effort.
cj