If I want to make two servers use the same encrypted passwords can I
share the smbpasswd file via NFS? Will updates/locking work correctly?
Is there an alternative? Can LDAP/PAM use encrypted passwords?
--
Gary Algier, WB2FWZ gaa@@ulticom.com +1 856 787 2758
Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033
A self-addressed envelope would be addressed "envelope."
On Mon, Jan 14, 2002 at 04:21:01PM -0500, Gary Algier wrote:> If I want to make two servers use the same encrypted passwords can I > share the smbpasswd file via NFS? Will updates/locking work correctly? > Is there an alternative? Can LDAP/PAM use encrypted passwords?I do this by putting all the smbpasswd entries on one machine and setting the other Samba machines to "security = server", pointing them at the one with the password entries. All servers are configured to use encrypted passwords, and everything works fine with Samba 2.0/2.2 servers and NT4 clients. -- That feeling just came over me. -- Albert DeSalvo, the "Boston Strangler"
> If I want to make two servers use the same encrypted passwords can I > share the smbpasswd file via NFS? Will updates/locking work correctly? > Is there an alternative? Can LDAP/PAM use encrypted passwords?Wy not set "security = server" in smb.conf of one of the servers? Christian> > -- > Gary Algier, WB2FWZ gaa@@ulticom.com +1 856 787 2758 > Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 > > A self-addressed envelope would be addressed "envelope." > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >_(_)_ wWWWw _ @@@@ (_)@(_) vVVVv _ @@@@ (___) _(_)_ @@()@@ wWWWw (_)\ (___) _(_)_ @@()@@ Y (_)@(_) @@@@ (___) `|/ Y (_)@(_) @@@@ \|/ (_)\ / Y \| \|/ /(_) \| |/ | \ | \ |/ | / \ | / \|/ |/ \| \|/ jgs|// \\|/// \\\|//\\\|/// \|/// \\\|// \\|// \\\|// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
On Mon, 14 Jan 2002, Gary Algier wrote:> If I want to make two servers use the same encrypted passwords can I > share the smbpasswd file via NFS? Will updates/locking work correctly?This is a major security hole to do this because the hashes will be transfered over NFS in the clear. Very bad.> Is there an alternative? Can LDAP/PAM use encrypted passwords?--with-ldapsam can do this (connect to the Directory from smbd over SSL) or you can just use rsync/ssh to push the updated smbpasswd file to a new server. chau, jerry --------------------------------------------------------------------- Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org -- http://www.plainjoe.org "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--