[Samba] question on authentication

mogambo mogambo13 at gmail.com
Wed Mar 3 12:01:53 MST 2010


Hi there,

I am trying to come up with a solution to the current Samba authentication
woes on the gateway server for our distributed file system.  We currently
use the smbpasswd file on the gateway server for authentication, which is not a
secure way and requires each user to be specifically added in.

I do not have much experience with Samba, so I am still learning quite a bit
as I jump from documentation to documentation and look at the relevant
source code.  My hope is that there is a way around ADS membership for the
gateway server.  Our gateway server is diskless and, as I understand, it
would require the ADS administrator password every time it reboots.

I would like to delegate the authentication to the metadata server, which
can already do the authentication locally, or with ADS.  It currently uses
ntlm_auth in ntlm-server-1 mode and passes in username/password when
accessing the filesystem from a regular client running our file system
driver.  If I can get the encrypted password to the metadata server, is
there a way to use ntlm_auth to play the challenge/response game for
authentication?  It seemed possible from a few posts on the list, but I was
unable to find documentation other than the manpage.

Using mode = server and the Samba server running on the metadata server as
the password server could be another option, but details there are very hazy
for me.

Thanks,
-m.

