> Message: 9
> From: Sylvestre Taburet <sylvestre.taburet@free.fr>
> Reply-To: sylvestre.taburet@free.fr
> Organization: @telier
> To: Joel Hammer <Joel@HammersHome.com>,
> =?iso-8859-1?q?Fr=E9d=E9ric=20SCHWIEN?= <fred@igtech.fr>,
> samba@lists.samba.org
> Subject: Re: [Samba] Linux Client
> Date: Wed, 17 Jul 2002 23:23:25 +0200
>
> Le Mercredi 17 Juillet 2002 23:13, Joel Hammer a ?crit :
[...]
>
>> I have not seen any replies, so, I'll ask. What are your trying to
do?
>> Your question isn't clear, at least to me.
>> Joel
>>>> On Wed, Jul 17, 2002 at 10:08:46PM +0200, Fr?d?ric SCHWIEN wrote:
>
>> > Hi,
>> >
>> > I am just wondering : is there a way to get a Linux Station
display a
>> > Microsoft like login screen
>> > (ie: login/password/network) on a microsoft like network hosted
on a
>> > samba server?
>> >
>> > If yes, what soft or configuration could I use?
>> >
>> > I know it is a bit off topic, but I guess some people on this list
might
>> > have search that.
>> >
>> > Best regards,
>> >
>> > fred
>
>
> If you're trying to logon to a windows NT domain using a linux wks, yes
this
> is possible using winbind.
>
> You can also mount the windows home dir of the domain user on the linux wks
> using pam_mount, but because smbfs won't support creation of specific
files,
> like fifos and sockets, you won't be able to open a KDE session in the
> smbmounted home dir.
>
> Because the domain has to be set-up before you can logon to it (the wks
must
> be member of the NT domain), you won't be able to change it anyway, so
why
> would you need it at logon time? Or maybe you need to hide your linux
station
> because you're in a very strict corporate environment ;o)?
> -- Sylvestre Taburet - 1024D/030E1B7E sylvestre.taburet@free.fr
Well, actually, if they have domain trusts, it should be possible to
login to any of the trusted domains. But, you will have either login as
DOMAIN+user or DOMAIN\user or something similar (depending on your
winbind config).
But I don't know if there is a way to get a ?dm (xdm, gdm, kdm) to
display a domain list, since there is no way that they can determine the
domain list (AFAIK), and they could be configured to authenticate by
LDAP or NIS or mysql also, and then what would one do?
I think there are still some missing bits in how pam works (compared to
how Netware client32 or Windows work), although it is more flexible, it
could be more scalable (like Netware, where you use your LDAP DN
essentially) or user-friendly (choose domain).
I guess you could hack a ?dm to do this for you from a list of domains,
or eventually maybe query winbind.
<plug>
Btw, for the easiest setup of winbind, you should istall Mandrake 8.2,
since there are then 6 steps to getting this working:
1)# urpmi samba-winbind
2)Edit /etc/samba/smb.conf and configure winbind settings and workgroup
3)# smbpasswd -j <DOMAIN> -U administrator
4)# service winbind start
5)# cp /etc/pam.d/system-auth-winbind /etc/pam.d/system-auth
6)# mkdir /home/DOMAIN
</plug>
For more info (and some stuff regarding win2k server settings) see
http://ranger.dnsalias.com/mandrake/muo/connect/csamba5.html#winbind
Buchan
--
|----------------Registered Linux User #182071-----------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7