[Samba] Samba Domain member server - using domain part within authentication

Daniel Müller mueller at tropenklinik.de
Mon Jul 30 00:39:38 MDT 2012


With security=domain, your auth request will be send to your dc and to its
success it needs domain\user password.
If your logon fails the memberserver tries to authenticate the user local.
The better way: work with BDCs/LDAP


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Michal Bruncko
Gesendet: Freitag, 27. Juli 2012 14:40
An: samba at lists.samba.org
Betreff: [Samba] Samba Domain member server - using domain part within

Hello list,

We are using several file servers in our enviroment in following way:
- 1st fileserver is PDC
- 2nd ... Xth are domain memeber server (with security = domain, and joined
in domain via "net rpc join" command)

When user is logging into 1st fileserver, he can be successfully
authenticated with typing only "username" (without domain part) and his
password from client computer which is NOT part of this domain.
But when user is trying to log in to some domain member server, the
authentication willl not be successful until hi use login in form
"DOMAIN\username" and his password.
I need to note here, that winbind is not running on member servers, just
pure smbd and nmbd daemons.

Is there any way how to authenticate to member servers without using domain
part in authentication name?

I am using:
- on Server: samba on CentOS 6 - samba-3.5.10-125.el6.x86_64
- on Client: windows 7

many thanks

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list