On Wed, 8 Oct 2003, Bill Robinson wrote: > > A couple questions about how authentication works in Samba: > > -Is there a way to authenticate to a Samba PDC that does not require machine > and (domain) user accounts to be in the /etc/passwd file (- a way other then > LDAP or NIS)? > > -A follow up to that - is what is the purpose of requiring machines/users in > both the /etc/passwd file and the smbpasswd file? - i read something about > needing to resolve the machines/users but not a full explaination. To me it > seems that if I'm authenticating against Samba that's all it should need to > do - it's not like it's converting the NTLM hash to crypt or something right? > (since i can have different UNIX/Samba passwds) > > Basically the problem I'm trying to solve is to create an NT 4-style domain w/ > Samba, but not creating UNIX accounts on the PDC machine for the Windows > domain users. I only need Windows machines to authenticate to this domain. > > If there's a way to fake out Samba and point it to another file > besides /etc/passwd that would work I think....just a thought. I've also > thought of AD/Kerberos but that is not an option either in this environment. > > I've googled a bit for anything on the /etc/passwd issue but didn't turn > anything up, other then using LDAP or NIS (which aren't options) and I didn't > really see anything in the Samba docs - so any pointers in the right direction > would be appreciated. I've also looked into the PCNetlink, but that does not > seem to be well supported. > > This is for Samba 3.0 running as a NT4-style PDC on Solaris 2.8.
Bill, Have you looked at the Samba-HOWTO-Collection.pdf that ships with Samba-3.0.0? The chapter "Account Information Databases" answers your questions. Please let me know specifically what has not been well enough explained. What needs to be better documented? - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba