samba - Jun 2005 - Help request: Windows and Linux authorisation in windows domain.

I have problem (as you noticed ;] ). I have to make unified
authorisation system for large, unsecure network connected to a two
Polish skelete networks. As you see I need to do it right to avoid big
problems.

The goal is to have windows and linux computers authorized by one
Linux mashine. I can do it by installing samba as a windows domain
controller. It would work for windows. Linuxes can authorize using
windows domain serwer too, but I would like to avoid unneeded mess
with this as they can authorize in that serwer more native way.

Any user not authorized in a windows domain will not have acces to the
outer world nor to the local serwers (except domain server, of
course), so... so they should be visible, no matter of the
authorisation way.

Aslo, home folders (or at least document subfolder) should mount
automaticly from authorisation server (linux boxes does it
automatically right now so I don't want to destroy it), changing
password should be global, pasword _can not_ be send throught the net
without encryption.

As you see, it is a quite big thing. I'm reading documentation a long
time, but I do need some advices/links/anything.

-- 
--------------->
Advocatus Diaboli - someone should do this job.

some kind of Molot
some kind of monster ;)

jid:molot@mruk.net
alt mailto:molot@mruk.net
gg:4588787
--------------->
--

Molot wrote:
> I have problem (as you noticed ;] ). I have to make unified
> authorisation system for large, unsecure network connected to a two
> Polish skelete networks. As you see I need to do it right to avoid big
> problems.
Not sure if I understood your problem but my first thought was about
using LDAP for the job. You can use it as a backend for samba and your
linux clients will be able to auth against it (mostly) out of the box.
There is password sync with samba credentials in place and it can be
used with SSL/TLS.

hth
 Paul