James Lamanna
2002-Nov-07 21:56 UTC
[Samba] Problems authentication with NT PDCs in security = server (was security = user)
The interesting part is that PAM nor the SMB auth plugin for Apache requires you to be a member of the domain. However, the caveat with pam_smb_auth is that you have to have a unix account for every windows user you want to authenticate. I guess the behavior I'm trying to achieve is the one achieved with the Apache plugin: 1) Doesn't require you to be a member of the domain 2) Doesn't require unix accounts for windows users. --James -----Original Message----- From: Collins, Kevin [mailto:KCollins@nesbittengineering.com] Sent: Thursday, November 07, 2002 1:50 PM To: 'James Lamanna'; Collins, Kevin Subject: RE: [Samba] Problems authentication with NT PDCs in security server (was security = user) James: My best guess (someone correct me if I'm wrong) is that you'll need to have the Samba machine as a member of the NT/2000 domain before it can authenticate against it. This is a Windows issue - and it's by design. Adding a machine to the domain creates the machine trust. The NT/2000 DCs will only share user account info with other members (or machines that it trusts). I have a Windows 2000 laptop that I keep in "Workgroup" mode. I can't retrieve *any* info about the domain computers or the Domain itself while in this mode. Other than adding the machine to the domain, you're probably stuck adding Unix users - and keeping up with password changes. Kevin> -----Original Message----- > From: James Lamanna [mailto:jamesl@appliedminds.net] > Sent: Thursday, November 07, 2002 4:40 PM > To: 'Collins, Kevin' > Subject: RE: [Samba] Problems authentication with NT PDCs in > security > server (was sercurity = user) > > > Well as you can see, I'm getting a funky error when I try to do it > anyways. > > And I don't know if the Windows Box administrator will give me > permission. > > > -----Original Message----- > From: Collins, Kevin [mailto:KCollins@nesbittengineering.com] > Sent: Thursday, November 07, 2002 1:24 PM > To: 'James Lamanna'; samba@lists.samba.org > Subject: RE: [Samba] Problems authentication with NT PDCs in > security > server (was sercurity = user) > > > > Is it possible to get samba to authenticate from the Domain without > > adding a machine account to the domain (using smbpasswd -j ...) > > I've always had to add the machine to the domain. Any reason why you > *don't* want to? > > Kevin C. > > > Also, when I tried to add the machine to the domain anyways, I > > received an interesting error: > > "Set net rpc join for this functionality" > > > > Thanks. > > --James > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > >
Maybe Matching Threads
- Problems authentication with NT PDCs in security = se rver (was security = user)
- Problems authentication with NT PDCs in security = se rver (was sercurity = user)
- Re-4: Samba 3.0.9 doesn't remove printjobs ?
- Viruses and the list
- Samba Server in a WinNT 4 Domain - SOLVED, sort of...