Hi all,
I have lots of samba servers and want them to all authenticate against a
single password file which will be a LDAP database.
Where I want to be:
Login to a domain called "FROST" that passes the username:passwd to a
domain
called "ACR" which checks LDAP.
Where I'm at:
I can login (from a W2K machine) to a test server called LIBIT which uses LDAP
beautifully (after long hours/days of profanity). I can also join/login to
the samba domains called ACR (anytime) and FROST (if I change passwd server
and security settings to a stand alone).
I have 2 samba servers I'm testing out with the goal of passing
passwords...the servers are FROST and the authenticating server is called
ACR. I know that the login:passwd pair is being passed from FROST to ACR.
The command I tested this with is:
smbclient -L smbfrost -U jeffw
#smbclient -L <netbios name> -U <user>
btw, jeffw has a valid unix account on frost, but is not in the smbpasswd
file.
I then see a list of shares on the FROST domain.
So, my question is this. Can I have a domain called "FROST" which a
W2K/XP
machine can join/login to while doing all authenticating against a samba
server called "ACR"?
Does any of this make sense?
Here are condensed/cleaned smb.conf files:
--- Begin Frost smb.conf file ----
[global]
workgroup = frost
netbios name = smbfrost
server string = Samba Frostbite
encrypt passwords = yes
null passwords = no
log file = /var/log/samba/log.%m
max log size = 150
name resolve order = lmhost host wins bcast
domain logons = yes
os level = 30
preferred master = yes
domain master = no
security = server
password server = ACRC
hosts allow
--- End Frost smb.conf file ----
--- Begin ACR smb.conf file ---
[global]
netbios name = ACRC
workgroup = ACR
server string = ACRC Server
domain master = yes
browseable = Yes
logon path = \\%N\profiles\%U\profile
name resolve order = lmhost host wins bcast
null passwords = Yes
encrypt passwords = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false
-M %u
short preserve case = no
wins support = true
max log size = 50
logon script = %u.bat
writable = yes
security = user
domain logons = yes
max disk size = 50000
local master = yes
log file = /var/log/samba/log.%m
os level = 64
locking = no
--- End ACR smb.conf file ---
any help would be wonderful....unless your a RTFM person because I wouldn't
have gotten this far if I hadn't.
thanks
--
Jeff
"Maybe I'll make a deal with my boss..."Boss", I'll say,
"Let's upgrade to
Linux on all campus computers and I'll pay for the licensing out of my own
pocket."