[Samba] Samba Domain member server - using domain part within authentication
Daniel Müller
mueller at tropenklinik.de
Tue Aug 7 04:43:27 MDT 2012
The advantage to work with BDCs you will see when your PDC is down.
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
Von: Michal [mailto:timeosko at gmail.com]
Gesendet: Dienstag, 7. August 2012 10:59
An: mueller at tropenklinik.de
Cc: samba at lists.samba.org
Betreff: Re: [Samba] Samba Domain member server - using domain part within
authentication
Hello Daniel,
I understand the role of domain member server. But I have not understood why
I have needed to type also domain name prefix during authentication - and
this was changed in some of previous relases of samba - currently this needs
to be explicitly defined that you want to map "any domain name" provided
from computer to "right domain name" used in samba domain.
On other way - I dont thnik that the better way is using BDC with direct
connection to LDAP server...
thanks
michal
On Mon, Jul 30, 2012 at 8:39 AM, Daniel Müller <mueller at tropenklinik.de>
wrote:
Hello,
Memberserver:
With security=domain, your auth request will be send to your dc and to its
success it needs domain\user password.
If your logon fails the memberserver tries to authenticate the user local.
The better way: work with BDCs/LDAP
Greetings
Daniel
-----------------------------------------------
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Michal Bruncko
Gesendet: Freitag, 27. Juli 2012 14:40
An: samba at lists.samba.org
Betreff: [Samba] Samba Domain member server - using domain part within
authentication
Hello list,
We are using several file servers in our enviroment in following way:
- 1st fileserver is PDC
- 2nd ... Xth are domain memeber server (with security = domain, and joined
in domain via "net rpc join" command)
When user is logging into 1st fileserver, he can be successfully
authenticated with typing only "username" (without domain part) and his
password from client computer which is NOT part of this domain.
But when user is trying to log in to some domain member server, the
authentication willl not be successful until hi use login in form
"DOMAIN\username" and his password.
I need to note here, that winbind is not running on member servers, just
pure smbd and nmbd daemons.
Is there any way how to authenticate to member servers without using domain
part in authentication name?
I am using:
- on Server: samba on CentOS 6 - samba-3.5.10-125.el6.x86_64
- on Client: windows 7
many thanks
michal
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list