[Samba] Inconsistent Authentication Results on Different Servers

Tim Evans tkevans at tkevans.com
Mon May 1 23:42:06 GMT 2006

>Tim Evans wrote:
>> 1. What is the order of authentication when the user 
>> has an /etc/passwd account on the server (no NIS in use), is
>> in the smbpasswd file, and is in the Windows domain?
>This is controlled by the undocumented 'auth methods' parameter.
>For domain members, and the domain of the name being authenticated.
>DOMAIN\user will only be authenticated by a domain controller
>for that domain.
>> 2. Can/should the smbpasswd file and tbd databases be 
>> identical on all the servers? And, if so, must all
>> domain accounts be listed in smbpasswd?
>You don't need an smbpasswd file on domain member servers.
>In this case, the smbpasswd file would be the local SAM
>and the domain controllers provide the domain SAM.  Just like
>you would see on a Windows member server.

Thanks for your reply.  What role does the local Linux machine's /etc/passwd 
play here, then?  In this particular situation, the UNIX and Windows logins are 
the same. Thus, for example, UNIX user 'joeuser' and domain user DOMAIN\joeuser 
are the same.

So, to reword question #1:  With no smbpasswd file (as you suggest), and with 
the presence of an /etc/password entry for 'joeuser,' and a domain user of the 
same name, which authenticates first? And which password (assuming they may not 
be the same) works?

Tim Evans, TKEvans.com, Inc.	|    5 Chestnut Court
tkevans at tkevans.com		|    Owings Mills, MD 21117
http://www.tkevans.com/		|    443-394-3864
http://www.come-here.com/News/	|    

More information about the samba mailing list