samba - Nov 2002 - Samba as BDC in NT domain

I have this problem: there is a subnet 192.168.6.0/24 and the gateway is
192.168.6.1 which has also another nic 172.21.13.123 which belongs to
subnet 172.21.13.0  where the PDC of NT-domain is. GW does NAT and it
causes that computers/users in subnet 192.168.6.0 cant logon to NT-domain.
Is it possible to put Samba in GW machine so that it can be a backup domain
controller in NT-domain and it uses username:passwd combinations from PDC
and login becames possible?
If so, how can it be done?

pasi h

I have only read that Samba is able to act as a BDC for another Samba PDC   
system. It is unable to act as a BDC for a Windows PDC due to the   
secreted method that Microsoft uses to transfer the SAM data to other   
Domain Controllers.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804


 -----Original Message-----
From: Pasi Holmstr?m [mailto:pasihol@cedunet.com]
Sent: Wednesday, November 20, 2002 3:14 PM
To: samba@lists.samba.org; Robert Adkins
Subject: [Samba] Samba as BDC in NT domain

   

I have this problem: there is a subnet 192.168.6.0/24 and the gateway is
192.168.6.1 which has also another nic 172.21.13.123 which belongs to
subnet 172.21.13.0  where the PDC of NT-domain is. GW does NAT and it
causes that computers/users in subnet 192.168.6.0 cant logon to   
NT-domain.
Is it possible to put Samba in GW machine so that it can be a backup   
domain
controller in NT-domain and it uses username:passwd combinations from PDC
and login becames possible?
If so, how can it be done?

pasi h

 --
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

I am trying to work out a work around for this...I have used PWDUMP to
extract the NT SAM into a smbpasswd file.

Theoretically..one could write a script that would then parse that file and
run useradd -u RID to create the local accounts....I have done it manually
and it works very well (there is some issue with the groups, but I guess
that is a secondary battle)

what I would like to do is just circumvemt the need for the local users and
pull the password from the smbpasswd...but as I write this I think the
reason samba needs a local account for local authentication is the groups..



-----Original Message-----
From: Robert Adkins [mailto:raa@impelind.com]
Sent: Thursday, November 21, 2002 2:55 PM
To: Pasi Holmstr?m; samba@lists.samba.org
Subject: RE: [Samba] Samba as BDC in NT domain


I have only read that Samba is able to act as a BDC for another Samba PDC   
system. It is unable to act as a BDC for a Windows PDC due to the   
secreted method that Microsoft uses to transfer the SAM data to other   
Domain Controllers.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804


 -----Original Message-----
From: Pasi Holmstr?m [mailto:pasihol@cedunet.com]
Sent: Wednesday, November 20, 2002 3:14 PM
To: samba@lists.samba.org; Robert Adkins
Subject: [Samba] Samba as BDC in NT domain

   

I have this problem: there is a subnet 192.168.6.0/24 and the gateway is
192.168.6.1 which has also another nic 172.21.13.123 which belongs to
subnet 172.21.13.0  where the PDC of NT-domain is. GW does NAT and it
causes that computers/users in subnet 192.168.6.0 cant logon to   
NT-domain.
Is it possible to put Samba in GW machine so that it can be a backup   
domain
controller in NT-domain and it uses username:passwd combinations from PDC
and login becames possible?
If so, how can it be done?

pasi h

 --
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Chris,

	I believe the issue is relating more to the SID (Security IDs) that are   
also transferred for both user and computers. I don't believe that   
dumping the NT SAM into a smbpasswd file would really do the trick as it   
wouldn't include the SID information. (Unless I am seriously mistaken.)

	What you are suggesting sounds like it would work simply for creating a   
Samba server within a Windows NT Domain that uses the domain controller   
to pull its list of users and accounts.

	You would still need to create all of the groups in the *NIX/Linux/*BSD   
groups file and set all the permissions on the drives. I am unfamiliar   
with being able to dump the NT group information into a text file.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804


 -----Original Message-----
From: Chris McKeever [mailto:cgmckeever@prupref.com]
Sent: Thursday, November 21, 2002 4:18 PM
To: Robert Adkins; Pasi Holmstr?m; samba@lists.samba.org
Subject: RE: [Samba] Samba as BDC in NT domain

   

I am trying to work out a work around for this...I have used PWDUMP to
extract the NT SAM into a smbpasswd file.

Theoretically..one could write a script that would then parse that file   
and
run useradd -u RID to create the local accounts....I have done it   
manually
and it works very well (there is some issue with the groups, but I guess
that is a secondary battle)

what I would like to do is just circumvemt the need for the local users   
and
pull the password from the smbpasswd...but as I write this I think the
reason samba needs a local account for local authentication is the   
groups..



 -----Original Message-----
From: Robert Adkins [mailto:raa@impelind.com]
Sent: Thursday, November 21, 2002 2:55 PM
To: Pasi Holmstr?m; samba@lists.samba.org
Subject: RE: [Samba] Samba as BDC in NT domain


I have only read that Samba is able to act as a BDC for another Samba PDC   
    

system. It is unable to act as a BDC for a Windows PDC due to the
secreted method that Microsoft uses to transfer the SAM data to other
Domain Controllers.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804


 -----Original Message-----
From: Pasi Holmstr?m [mailto:pasihol@cedunet.com]
Sent: Wednesday, November 20, 2002 3:14 PM
To: samba@lists.samba.org; Robert Adkins
Subject: [Samba] Samba as BDC in NT domain

     


I have this problem: there is a subnet 192.168.6.0/24 and the gateway is
192.168.6.1 which has also another nic 172.21.13.123 which belongs to
subnet 172.21.13.0  where the PDC of NT-domain is. GW does NAT and it
causes that computers/users in subnet 192.168.6.0 cant logon to
NT-domain.
Is it possible to put Samba in GW machine so that it can be a backup
domain
controller in NT-domain and it uses username:passwd combinations from PDC
and login becames possible?
If so, how can it be done?

pasi h

 --
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

 --
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba