[Samba] issues with security=domain

=?gb2312?B?1dQgbGlseQ==?= lilyat0125 at hotmail.com
Wed Jan 11 02:52:19 GMT 2006

Hi Dear Samba Gurus,
    We're planing to migrate the old samba server to a new samba server. 
But the person who maintain old samba server have left, so we need to  
figure out the configuration steps from the old config file. Now the things 
that confused me now is the setting with "security=domain", the old samba 
server config global sections are:
    log level = 3
    netbios name = myserver
    server string = Samba %v on (%L)
    encrypt passwords = yes 
    security = domain
    workgroup = workgroup1
    browsable = yes
    unix password sync = yes
    wins server = x.x.x.x
    guest ok = no 

And in old environmnet, only nmbd and smbd is started, winbindd is not 
started. According to the config, this samba server should not be domain 
member, and should participate in local master election, and become local 
master because there're the only samba server in the subnet.  am I correct 
But what I wondered here is: by default ntauth should be yes, and how user
are authenticated by their username/password? now the default password 
backend is smbpassword. When I try to setup a a new samba server in a new 
workgroup  with above config, it always report authentication error as 
smbclient //myserver/homes -U test
in smbd.log it tells:
[2006/01/10 18:37:17, 0] auth/auth_domain.c:check_ntdomain_security(284)
  check_ntdomain_security: could not fetch trust account password for 
domain 'GR
[2006/01/10 18:37:17, 2] auth/auth.c:check_ntlm_password(312)
It seems that user authentication still go throught NT domain 
What mechanism I can use to determine what authentication method was used 
in the old samba server?
When I try to migrate the old samba server to a new samba server, since 
there will be two samba server in the same workgroup, Whether It will 
interrupt user's work during migration? When Should I take cautions in 
order not to interrupt user's work?
Best Regards!

Ãâ·ÑÏÂÔØ MSN Explorer:   http://explorer.msn.com/lccn/  

More information about the samba mailing list