[Samba] NTLM auth, better on a DC or on a DM?
Marco Gaiarin
gaio at sv.lnf.it
Tue Sep 11 09:04:11 UTC 2018
Sorry, i'm still a bit confused.
Andreay say:
> I would do that, it allows you to have the FreeRADIUS fail over to
> another DC when you are upgrading Samba, and choose to upgrade Samba's
> base OS without consideration for the Squid/FreeRADIUS stack.
So, ntlm_auth connect to (local) winbind, and winbind connect to DCs,
so in this way freeradius 'failover' in respect of the DCs, but clearly
not in respect of winbind (local instance).
Right?
Or you are speaking of the new ability of freeradius to connect
''directly'' to winbind, without ntlm_auth?
Harry say:
> We have sveral squid proxy with ntlm_auth running. Ntlm_auth works only
> on a Domain Member Server and not on a PDC, BDC or DC.
I'm currently using freeradius (and squid) with ntlm_auth on my 'NT4'
domain on a BDC, so this is not fully true. ;-)
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list