On Sat, 27 Nov 1999 "Keith R. Baker" wrote:
> I have a mixed windows/linux environment. User/Password is an absolute
> mess. Every server has its own set. What is the easiest way to set this
> up? Should I start from scratch and use both SMB passwords and NIS? I
> have seen PAM modules which do authentication. Could I use straight SMB
> to do my user authentication? I think this would be better than NIS as it
> is encrypted (if I turn encryption on). Correct me if I am wrong but the
> only way to get encryption to work is to use the smb password file? Its
> just a pain when I already have users setup on my machine. Does anyone
> have a good working solution for this problem?
Well, for various reasons I personally consider SMB an inappropriate
choice of a unified authentication scheme for Unix machines. But about a
month ago, I was discussing this sort of thing with some fellow Linux
mischief-makers, and I ended up putting together a rough document that
outlines what it would take to set up a heterogeneous network using SMB
and LDAP as an underlying authentication and credential-granting
mechanism.
The paper is available on the web at
http://web.dodds.net/~vorlon/samba-talk/SMB-LDAP-scheme.txt
In order for this to work, the Unix machines on the network must support
both PAM and NSS. Since you say you're working with Linux, and mention
PAM explicitly, this shouldn't be a problem in your case.
HTH,
-Steve Langasek
postmodern programmer