[Samba] question on authentication

mogambo mogambo13 at gmail.com
Wed Mar 3 12:01:53 MST 2010

Hi there,

I am trying to come up with a solution to the current Samba authentication
voes on the gateway server for our distributed file system.  We currently
use smbpasswd file on the gateway server for authentication, which is not a
secure way and requires each user to be specifically added in.

I do not have much experience with Samba, so I am still learning quite a bit
as I jump from documentation to documentation and look at the relevant
source code.  My hope is that there is a way around ADS membership for the
gateway server.  Our gateway server is diskless and as I understand, it
would require ADS administrator password everytime it reboots.

I would like to delegate the authentication to the metadata server, which
can already do the authentication locally, or with ADS.  It currently uses
ntlm_auth in ntlm-server-1 mode and passes in username/password when
accessing the filesystem from a regular client running our file system
driver.  If I can get the encrypted password to the metadata server, is
there a way to use ntlm_auth to play challenge/response game for
authentication?  It seemed possible from a few posts on the list, but I was
unable to find documentation other than the manpage.

Using mode = server and the Samba server running on the metadata server as
the password server could be another option, but details there are very hazy
for me.


More information about the samba mailing list