OPC oota
2009-Sep-10 02:23 UTC
[Samba] TOSHAG-Passdb.xml translate finished and some typo found
Now, TOSHARG-Passdb.xml translate to Japanese finished(3.4.0 base). And some typo found. Many people ask why Samba cannot simply use the UNIX password database. Windows requires passwords that are encrypted in its own format. The UNIX passwords can't be converted to ---- Windows? UNIX-style encrypted passwords. Because of that, you can't use the standard UNIX user database, and you have to store the LanMan and NT hashes somewhere else. <indexterm><primary>challenge/response mechanis</primary></indexterm> -------- mechanism <indexterm><primary>clear-text</primary></indexterm> <indexterm><primary>encrypted</primary></indexterm> <indexterm><primary>negotiate</primary></indexterm> All current releases of Microsoft SMB/CIFS clients support authentication via the Some people are confused when reference is made to <literal>smbpasswd</literal> because the name refers to a storage mechanism for SambaSAMAccount information, but it is also the name of a utility tool. That tool is destined to eventually be replaced by new functionality that is being added to the <command>net</command> toolset (see <link linkend="NetCommand">the Net Command</link>. - forgot ) The <command>smbpasswd</command> utility is similar to the <command>passwd</command> and <command>yppasswd</command> programs. It maintains the two 32 byte password fields in the passdb backend. This utility operates independently of the actual account and password storage methods used (as specified by the <parameter>passdb backend</parameter> in the &smb.conf; file. - forgot ) The POSIX and sambaSamAccount components of computer (machine) accounts are both used by Samba. Thus, machine accounts are treated inside Samba in the same way that Windows NT4/200X treats them. A user account and a machine account are indistinquishable from each other, except that ----------------- indistinguishable the machine account ends in a $ character, as do trust accounts. Domain global policy controls available in Windows NT4 compared with Samba is shown in <link linkend="policycontrols">NT4 Domain v's Samba Policy Controls</link>. --vs ? <itemizedlist> <listitem><para>Login ID.</para></listitem> <listitem><para>UNIX UID.</para></listitem> <listitem> <para>Microsoft LanManager password hash (password converted to upper-case thenhashed.</para> _ need ) </listitem> The first problem is that all lookups must be performed sequentially. Given that there are approximately two lookups per domain logon (one during intial logon validation ------ initial and one for a session connection setup, such as when mapping a network drive or printer ), this is a performance bottleneck for large sites. What is needed is an indexed approach such as that used in databases. <para><quote>I've installed Samba, but now I can't log on with my UNIX account! </quote></para> <para>Make sure your user has been added to the current Samba <smbconfoption name="passdb backend"/>. Read the <link linkend="acctmgmttools">Account Management Tools,</link> for unnecessary thing - details.</para> -- --- Oota Toshiya --- t-oota at dh.jp.nec.com NEC Computers Software Operations Unit Shiba,Minato,Tokyo Open Source Software Platform Development Division Japan,Earth,Solar system (samba-jp/ldap-jp Staff,mutt-j/samba-jp postmaster)
Possibly Parallel Threads
- TOSHAG-NetworkBrowsing.xml translate finished and some typo/question found
- TOSHAG-Winbind.xml translate finished and some bug found
- TOSHAG-TheNetCommand.xml translate finished and some TYPO found
- TOSHARG-DomainMember.xml translate finish and some bug found
- TOSHAG-ChangeNotes.xml translate finished and some typo found