[Samba] 'Last Change Time' generation for smbpasswd
In the docs it is noted that the Last Change Time in smbpasswd is: This field consists of the time the account was last modified. It consists of the characters 'LCT-' (standing for Last Change Time) followed by a numeric encoding of the UNIX time in seconds since the epoch (1970) that the last change was made. What is the numeric encoding used? I'd like to be able to generate this apart from using smbpasswd. I google'd a bit for this but didn't turn up much other then links pointing back to the docs. Thanks -Bill - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Newbie Authentication Questions
Quoting John H Terpstra [EMAIL PROTECTED]: The bottom line is that NUA did not happen for user accounts and it is hardly useable for machine accounts. My advice is do not use the NUA facility because when we re-introduce it what is there will most likely not be compatible with the new mechanisms. At least if you have machine accounts in your password back end (eg: /etc/passwd) there will be a mechanism to migrate them to a new system. hmm - ok - i think i'm going to look at the winbind stuff and see if something can be worked out there (as suggested by jeremy), but thanks all (andrew/john) for the clarifications about some of the interworkings of samba. most of the issues i'm having w/ this setup are due to the inflexibility of the environment, not samba btw. Thanks -Bill - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Newbie Authentication Questions
A couple questions about how authentication works in Samba: -Is there a way to authenticate to a Samba PDC that does not require machine and (domain) user accounts to be in the /etc/passwd file (- a way other then LDAP or NIS)? -A follow up to that - is what is the purpose of requiring machines/users in both the /etc/passwd file and the smbpasswd file? - i read something about needing to resolve the machines/users but not a full explaination. To me it seems that if I'm authenticating against Samba that's all it should need to do - it's not like it's converting the NTLM hash to crypt or something right? (since i can have different UNIX/Samba passwds) Basically the problem I'm trying to solve is to create an NT 4-style domain w/ Samba, but not creating UNIX accounts on the PDC machine for the Windows domain users. I only need Windows machines to authenticate to this domain. If there's a way to fake out Samba and point it to another file besides /etc/passwd that would work I thinkjust a thought. I've also thought of AD/Kerberos but that is not an option either in this environment. I've googled a bit for anything on the /etc/passwd issue but didn't turn anything up, other then using LDAP or NIS (which aren't options) and I didn't really see anything in the Samba docs - so any pointers in the right direction would be appreciated. I've also looked into the PCNetlink, but that does not seem to be well supported. This is for Samba 3.0 running as a NT4-style PDC on Solaris 2.8. Thanks -Bill - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Newbie Authentication Questions
Quoting John H Terpstra [EMAIL PROTECTED]: Bill, Have you looked at the Samba-HOWTO-Collection.pdf that ships with Samba-3.0.0? The chapter Account Information Databases answers your questions. Please let me know specifically what has not been well enough explained. What needs to be better documented? Well - the begining of that section says: Samba-3 does not support Non-UNIX Account (NUA) operation for user accounts. Samba-3 does support NUA operation for machine accounts. So I guess that's possibly half of my problem solved. I gather that even w/ tdbsam, mysqlsam or xmlsam the /etc/passwd entries are still required for user accounts, but it seems that xmlsam is not a functional backend. So it seems that the only way to do away w/ having Samba accts (users, machines) in /etc/passwd is to use ldap authentication for both Samba as well as the OS itself. Maybe I'm missing something? Basically what I'm looking for is a way to have a unix box provide the NT Domain service to a group (uh domain) of NT/2k servers, but have all the authenticaton/accts/etc be compeletly self-contained in that service, and have no correlation to the OS authentication/accts/etc - which is guess is the NUA capability. So maybe my question should be when will NUA be ready? Thanks, -Bill - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba