> > If you use the secondary server only for file services (SAMBA)
> > and the other master server for all other requirements
> Maybe I'm being dense today, but I'm don't see how this buys you anything.
> How is this secondary Samba server different from any other client in the
> domain? I could just as easily setup a Win machine with a bunch of extra
> hard drive space and store all of my data there.
>
> Samba currently has no mechanism in place to share "authentication
> information" with other machines. Doesn't matter if it's another Samba
> machine or a windows machine.
Yes it does, but only for Samba services. You can make a
Samba server authenticate against another samba server
or an NT domain. Until the latest version you had to
create the user in the password file to get the user and group
id's assigned but the password was checked by the designated
server instead of locally so you didn't have to keep the
passwords in sync across machines. The latest version adds
'winbind' to magically create users that exist in the domain
but not locally, but I think it currently has to work with a
real domain controller for this.
> > you can configure the samba on the secondary to authenicate
> I've never tried this so maybe my next statement is out there door but....
> How can you obtain domain authentication, machine or user, from a server
> that isn't a domain controller? Samba, as far as I know, can't have dual
> personalities. Either it's a domain controller or it isn't.
Any samba server running in 'user' security mode will answer
authentication requests from another server. This is just a
password comparison check, not everything a domain controller
does.
Les Mikesell
[EMAIL PROTECTED]
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
