[Samba] Dual Mode Security
Hi there, Simple question. I currently have security = server mode working for my samba installation on a freebsd unix box where I work. I am wondering if I can use a dual mode of security. For example, I want to be able to authenticate certain samba user shares against the samba password file rather than the Active Directory server that I authenticate against sometimes. Better would be to have samba check the passwords file first, if NO authentication, then proceed onto the Active Directory auth. Can this be done with Samba? Thanks, Rogie -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Dual Mode Security
Hi there, Simple question. I currently have security = server mode working for my samba installation on a freebsd unix box where I work. I am wondering if I can use a dual mode of security. For example, I want to be able to authenticate certain samba user shares against the samba password file rather than the Active Directory server that I authenticate against sometimes. Better would be to have samba check the passwords file first, if NO authentication, then proceed onto the Active Directory auth. Can this be done with Samba? Thanks, Rogie -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Dual Mode Security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
King, Rogie wrote:
Hi there,
Simple question. I currently have security = server mode
working for my samba installation on a freebsd unix box where
I work. I am wondering if I can use a dual mode
of security. For example, I want to be able to authenticate
certain samba user shares against the samba password file
rather than the Active Directory server that I
authenticate against sometimes. Better would be to have
samba check the passwords file first, if NO
authentication, then proceed onto the Active Directory
auth. Can this be done with Samba?
Technically you should be able to set
'auth methods = guest sam_ignoredomain ntdomain'
but you didn't hear that from me. There's a good reason
why we don't generally recommend tweaking the 'auth methods'
option.
Note that I will recommend 'security = {domain,ads}'
over 'security = server' anyday though.
cheers, jerry
=
Alleviating the pain of Windows(tm) --- http://www.samba.org
Centeris --- http://www.centeris.com
There's an anonymous coward in all of us. --anonymous
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDwHFZIR7qMdg1EfYRAjMLAJ45J7+pInBFETvmc3p6Rch8x9ddhQCcCENp
ym6cH4Nsv05N38TrTAqDVNY=
=ORoX
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Dual Mode Security
Hi there, Simple question. I currently have security = server mode working for my samba installation on a freebsd unix box where I work. I am wondering if I can use a dual mode of security. For example, I want to be able to authenticate certain samba user shares against the samba password file rather than the Active Directory server that I authenticate against sometimes. Better would be to have samba check the passwords file first, if NO authentication, then proceed onto the Active Directory auth. Can this be done with Samba? Thanks, Rogie -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Dual Mode Security
On Thu, 2006-01-05 at 12:53 -0700, King, Rogie wrote: Hi there, Simple question. I currently have security = server mode working for my samba installation on a freebsd unix box where I work. I am wondering if I can use a dual mode of security. For example, I want to be able to authenticate certain samba user shares against the samba password file rather than the Active Directory server that I authenticate against sometimes. Better would be to have samba check the passwords file first, if NO authentication, then proceed onto the Active Directory auth. Can this be done with Samba? Certainly not on a per-share basis, as that is too late. You could however setup separate IP aliases for your host, and use include = smb.conf.%i You could also use %L (called name) and netbios aliases, but you must set 'smb ports = 139' to block access to port 445, which does not provide that info. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
