On Thu, 2002-07-25 at 04:18, Wesley Murphy wrote:
> 
> I think I will try and proceed down the samba road since there is a samba 
> server already authenticating the windows machines.

In addition to pam_smb, you're going to need to set up the Winbind
service.  If your config isn't working, try posting it to the list. The
information in `man winbindd` should be accurate and complete, though.
This /will/ be required to operate off of only a Windows server.

However, it's probably not going to work as well as you'd like,
primarily with regard to the home directory mount that you want.  If you
try to store the drive on the Windows machine, then it will have to be
automounted with the user's credentials after authentication.  While
that's not impossible, I'm not aware of any service that provides it. 
You'd probably have to write your own pam module (providing a session
service?) that would do the job.  

You can't just mount /home from a Windows machine, because
authenticating against one would give all of the users the permissions
of the user used to mount /home.  You also can't mount /home on an NFS
share while using winbindd, because the mapping from Windows ID to UNIX
ID is done locally, and nothing guarantees that the mapping will be the
same on each machine (I think... I could be wrong on this).

If you're serious about operating a heterogeneous network, this isn't
the way to do it.  Your domain should be operated on a UNIX server.  All
authentication and name service information should be stored in LDAP. 
Authentication to your Windows PCs should be done by Samba operating as
a PDC, using the LDAP info.  Home directories on the UNIX machine should
be shared by Samba.  Unix workstations can authenticate directly against
LDAP, and mount /home over NFS.




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
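
An added example, not part of the original message: whether each machine's winbindd assigned the same UNIX ID to the same Windows account can be checked by comparing `getent passwd` output collected from each host. The two captures, the EXAMPLE domain and the function names below are constructed for illustration.

```python
# Constructed sample data: `getent passwd` output from two hypothetical
# workstations, each running winbindd with its own local ID mapping.
HOST_A = """\
root:x:0:0:root:/root:/bin/bash
EXAMPLE\\alice:x:10000:10000::/home/EXAMPLE/alice:/bin/bash
EXAMPLE\\bob:x:10001:10000::/home/EXAMPLE/bob:/bin/bash
EXAMPLE\\carol:x:10002:10000::/home/EXAMPLE/carol:/bin/bash
"""
HOST_B = """\
root:x:0:0:root:/root:/bin/bash
EXAMPLE\\bob:x:10000:10000::/home/EXAMPLE/bob:/bin/bash
EXAMPLE\\alice:x:10001:10000::/home/EXAMPLE/alice:/bin/bash
EXAMPLE\\carol:x:10002:10000::/home/EXAMPLE/carol:/bin/bash
"""


def parse_passwd(text):
    """Return {username: uid} from passwd-format lines, skipping malformed ones."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue
        users[fields[0]] = int(fields[2])
    return users


def compare_mappings(a_text, b_text):
    """Return (mismatched, collisions) between two hosts' passwd views.
    mismatched: (user, uid_on_a, uid_on_b) where the same account has two UIDs.
    collisions: (uid, user_on_a, user_on_b) where one UID names different users,
    so files written over NFS from host A look owned by user_on_b on host B.
    """
    a, b = parse_passwd(a_text), parse_passwd(b_text)
    mismatched = sorted((n, a[n], b[n]) for n in a.keys() & b.keys() if a[n] != b[n])
    b_by_uid = {}
    for name, uid in b.items():
        b_by_uid.setdefault(uid, []).append(name)  # several names may share a UID
    collisions = sorted(
        (uid, name, other)
        for name, uid in a.items()
        for other in b_by_uid.get(uid, [])
        if other != name
    )
    return mismatched, collisions


if __name__ == "__main__":
    print(compare_mappings(HOST_A, HOST_B))
```

Any entry in the collisions list is a case where a shared NFS /home would hand one user's files to another.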
