Hello Daniel, I understand the role of domain member server. But I have not understood why I have needed to type also domain name prefix during authentication - and this was changed in some of previous relases of samba - currently this needs to be explicitly defined that you want to map "any domain name" provided from computer to "right domain name" used in samba domain.
On other way - I dont thnik that the better way is using BDC with direct connection to LDAP server... thanks michal On Mon, Jul 30, 2012 at 8:39 AM, Daniel Müller <muel...@tropenklinik.de>wrote: > Hello, > > Memberserver: > With security=domain, your auth request will be send to your dc and to its > success it needs domain\user password. > If your logon fails the memberserver tries to authenticate the user local. > The better way: work with BDCs/LDAP > > Greetings > Daniel > > ----------------------------------------------- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > ----------------------------------------------- > -----Ursprüngliche Nachricht----- > Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] > Im > Auftrag von Michal Bruncko > Gesendet: Freitag, 27. Juli 2012 14:40 > An: samba@lists.samba.org > Betreff: [Samba] Samba Domain member server - using domain part within > authentication > > Hello list, > > We are using several file servers in our enviroment in following way: > - 1st fileserver is PDC > - 2nd ... Xth are domain memeber server (with security = domain, and joined > in domain via "net rpc join" command) > > When user is logging into 1st fileserver, he can be successfully > authenticated with typing only "username" (without domain part) and his > password from client computer which is NOT part of this domain. > But when user is trying to log in to some domain member server, the > authentication willl not be successful until hi use login in form > "DOMAIN\username" and his password. > I need to note here, that winbind is not running on member servers, just > pure smbd and nmbd daemons. > > Is there any way how to authenticate to member servers without using domain > part in authentication name? > > I am using: > - on Server: samba on CentOS 6 - samba-3.5.10-125.el6.x86_64 > - on Client: windows 7 > > many thanks > > michal > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba