RE: [Samba] PGina & Samba
On Wed, 2005-03-09 at 21:37 -0500, Paul Barnick wrote: > Chuck: > > You're the second person to suggest vmware workstation to me. It is a > little expensive for me but I'll look into it (it might be worth it if it > saves me time in the long run - that's how I'll get my boss to look at it!). Not only will it save you time, it will save him a lot on money. $199 for VMware and $200-300 (or less if you already have 1GB) for 2GB of memory for your computer is significantly less than buying 3 or 4 machines for you to use for testing. With 2GB of memory and a reasonably fast processor you can run 4 Virtual Machines simultaneously and still use the Host. If you have a laptop and can get him to spring for the memory for it you can take it home to work on projects. If you are like me, there never is any time to do testing while I'm at the office anyway, so, I get most of my testing and evaluation done at home. > Does it allow you to use the Linux portion of your computer to act as a DHCP > server and assign different IP addresses to the different windows > workstations, all on the same computer? That sounds a little hard to > believe for me, but I would think that it would be necessary in order to do > some testing. VMWare includes it own DHCP server. Also there are three different ways of setting up Networking with VMWare so you have a lot of options. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PGina & Samba
On 10 Mar 2005, at 13:37, Paul Barnick wrote: Does it allow you to use the Linux portion of your computer to act as a DHCP server and assign different IP addresses to the different windows workstations, all on the same computer? Yes. Believe it. The slightly longer answer: VMWare can use virtual point-to-point networks to communicate between the host and guest operating systems, and each guest operating system can have virtual ethernet interface(s) on your real Ethernet network. The longer answer: VMWare on Linux uses virtual interfaces, and can be configured with what is called a "full internal network" - meaning that the interfaces are virtual devices of which your host operating system sees one end, the guest operating system the other. The devices look like an Ethernet interface, and perform the role of a dedicated ethernet card in the "host" and "guest" hardware, connected by a crossover cable. That is, the virtual ethernet card provides a point to point link between the two systems. You can also configure VMWare to have virtual interfaces on the real Ethernet network. This ends up putting your physical network card in promiscuous mode, with each VMWare machine checking every packet and giving its guest OS those packets that have the right MAC address for that virtual Ethernet card. So you could conceivably configure your host operating system as a DHCP server and IP router for the virtual machines running inside it. Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PGina & Samba
Chuck: You're the second person to suggest vmware workstation to me. It is a little expensive for me but I'll look into it (it might be worth it if it saves me time in the long run - that's how I'll get my boss to look at it!). Does it allow you to use the Linux portion of your computer to act as a DHCP server and assign different IP addresses to the different windows workstations, all on the same computer? That sounds a little hard to believe for me, but I would think that it would be necessary in order to do some testing. Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chuck Stuettgen Sent: Wednesday, March 09, 2005 9:23 PM To: samba@lists.samba.org Subject: RE: [Samba] PGina & Samba On Wed, 2005-03-09 at 07:36 -0500, Paul Barnick wrote: > Jim: > > I have looked at the site. At first I was concerned about the > security of using PGina instead of a regular Windows logon, but I > posted on the forum and received some good responses there that > convinced me that it is at least as secure as windows logon. Now > comes the implementation! Unfortunately, I can only do it on the > weekend as I think it will take some time for me to get it to work and > we cannot have the network down while I'm trying to get it to work. > You should look into getting a copy of VMWare Workstation. You can setup a complete network of VM machines to do your testing and not touch the production network at all. I have VM Workstation for Linux running on my Laptop and routinely run 4 to 5 VM's all at once. I just bought a Dell PowerEdge 700 server with 4GB of RAM to run VMWare and it is going to replace the 4 computers currently residing in my office. Check it out. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PGina & Samba
On Wed, 2005-03-09 at 07:36 -0500, Paul Barnick wrote: > Jim: > > I have looked at the site. At first I was concerned about the security of > using PGina instead of a regular Windows logon, but I posted on the forum > and received some good responses there that convinced me that it is at least > as secure as windows logon. Now comes the implementation! Unfortunately, I > can only do it on the weekend as I think it will take some time for me to > get it to work and we cannot have the network down while I'm trying to get > it to work. > You should look into getting a copy of VMWare Workstation. You can setup a complete network of VM machines to do your testing and not touch the production network at all. I have VM Workstation for Linux running on my Laptop and routinely run 4 to 5 VM's all at once. I just bought a Dell PowerEdge 700 server with 4GB of RAM to run VMWare and it is going to replace the 4 computers currently residing in my office. Check it out. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PGina & Samba
Jim: I have looked at the site. At first I was concerned about the security of using PGina instead of a regular Windows logon, but I posted on the forum and received some good responses there that convinced me that it is at least as secure as windows logon. Now comes the implementation! Unfortunately, I can only do it on the weekend as I think it will take some time for me to get it to work and we cannot have the network down while I'm trying to get it to work. Pgina from afar looks like a great program. I will give it a try. Paul _ From: Jim McDonough [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 09, 2005 4:07 AM To: Andrew Bartlett Cc: Paul Barnick; samba@lists.samba.org; [EMAIL PROTECTED] Subject: Re: [Samba] PGina & Samba >Why use PGina when you can just join the Samba domain? Passwords. Even if you only use pGina to trap password changes, you get a chance at the plain-text password without having some other funky interface, just the standard ctrl+alt+del chage password. pGina allows chaining of ginas (which is actually what is supposed to happen, but most gina authors implement this incorrectly), so you can still use windows auth if you want. Anyway, Paul, have you tried the pgina site? Nate is usually very helpful. Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA jmcd at us dot ibm dot com jmcd at samba dot org Phone: 1-877-228-1846 IBM tie-line: 349-5335 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PGina & Samba
>Why use PGina when you can just join the Samba domain? Passwords. Even if you only use pGina to trap password changes, you get a chance at the plain-text password without having some other funky interface, just the standard ctrl+alt+del chage password. pGina allows chaining of ginas (which is actually what is supposed to happen, but most gina authors implement this incorrectly), so you can still use windows auth if you want. Anyway, Paul, have you tried the pgina site? Nate is usually very helpful. Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA jmcd at us dot ibm dot com jmcd at samba dot org Phone: 1-877-228-1846 IBM tie-line: 349-5335-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PGina & Samba
I'm currently using pGina with LDAP for authentication. For the purpose of bypassing Window's authentication. It's been working very well. The problem to overcome is the fact that LDAP authentication is via "userPassword" field in ldap schema but Window's SMB/CIFS uses The sambaNTPassword samba field for authentication. Bummer. I've worked around this issue via Linux scripts but pGina may have a plugin that addresses this issue directly. jay -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Barnick Sent: Tuesday, March 08, 2005 7:39 PM To: 'Fiordilino, Rudy' Cc: samba@lists.samba.org Subject: RE: [Samba] PGina & Samba Thanks for the reply. That is exactly what I'm trying to do - bypass the Windows authentication. I guess if you're able to get Samba/LDAP working and can't get Pgina to work, it might not be as easy as it seems (I'm still new to this and was impressed with myself when I got Samba working with a pretty simple configuration file!). I just wished that Samba could bypass the Windows authentication. Paul -Original Message- From: Fiordilino, Rudy [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 7:12 PM To: Paul Barnick Subject: RE: [Samba] PGina & Samba Hey Paul, We've been able to get Samba/LDAP working and are just now starting to play with PGina in order to someday bypass Windows authentication completely and use LDAP directly. I downloaded it a few weeks ago and wasn't able to login to LDAP during the configuration of the plugin. Let me know if you get something similar working. Thanks, Rudy Fiordilino Talk America, inc. www.talk.com -Original Message- From: Paul Barnick [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 1:55 PM To: samba@lists.samba.org Subject: [Samba] PGina & Samba Does anyone have any experience using PGina with Samba for a simple "single sign on" approach using Windows clients? If so, I would love to know how it is working for you. I tried posting here a bit ago for a way to do this ("single sign on") with samba only, but I didn't get any responses and therefore looked into other opportunities. Thanks. Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PGina & Samba
Thanks for the reply. That is exactly what I'm trying to do - bypass the Windows authentication. I guess if you're able to get Samba/LDAP working and can't get Pgina to work, it might not be as easy as it seems (I'm still new to this and was impressed with myself when I got Samba working with a pretty simple configuration file!). I just wished that Samba could bypass the Windows authentication. Paul -Original Message- From: Fiordilino, Rudy [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 7:12 PM To: Paul Barnick Subject: RE: [Samba] PGina & Samba Hey Paul, We've been able to get Samba/LDAP working and are just now starting to play with PGina in order to someday bypass Windows authentication completely and use LDAP directly. I downloaded it a few weeks ago and wasn't able to login to LDAP during the configuration of the plugin. Let me know if you get something similar working. Thanks, Rudy Fiordilino Talk America, inc. www.talk.com -Original Message- From: Paul Barnick [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 1:55 PM To: samba@lists.samba.org Subject: [Samba] PGina & Samba Does anyone have any experience using PGina with Samba for a simple "single sign on" approach using Windows clients? If so, I would love to know how it is working for you. I tried posting here a bit ago for a way to do this ("single sign on") with samba only, but I didn't get any responses and therefore looked into other opportunities. Thanks. Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PGina & Samba
On Tue, 2005-03-08 at 13:55 -0500, Paul Barnick wrote: > Does anyone have any experience using PGina with Samba for a simple "single > sign on" approach using Windows clients? If so, I would love to know how it > is working for you. I tried posting here a bit ago for a way to do this > ("single sign on") with samba only, but I didn't get any responses and > therefore looked into other opportunities. Why use PGina when you can just join the Samba domain? Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PGina & Samba
Does anyone have any experience using PGina with Samba for a simple "single sign on" approach using Windows clients? If so, I would love to know how it is working for you. I tried posting here a bit ago for a way to do this ("single sign on") with samba only, but I didn't get any responses and therefore looked into other opportunities. Thanks. Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba