[Samba] To use or not to use winbind
Chris Smith
smb_77 at chrissmith.org
Mon Aug 4 13:58:22 GMT 2008
On Sunday 03 August 2008, Jason A. Nunnelley wrote:
> Recap: Jeff and I are having a conversation about whether "turning
> off winbinds" is a solution for rectifying apparent conflicts with a
> PDC running winbinds.
Here's my take on the subject:
The general use for winbind is to be able to use an MS domain controller
for authentication eliminating the need to separately create
matching 'nix users.
The special case for using winbind is when, using Samba as the PDC, you
wish to insist that a username/password pair from a system not a domain
member is not authenticated even if the username/password pair matches
that of a domain user (maybe more correctly to state that the domain
part is missing from the supplied credentials). Note that generally
with a pure Windows network and a Windows NT4 PDC, as well as Windows
in general (peer to peer), matching username/password credentials are
enough to authenticate, so using winbind in this situation creates an
environment more restrictive then generally expected.
--
Chris
More information about the samba
mailing list