Mayank Agrawal
2010-Nov-03 00:51 UTC
[Samba] NTLM Authentication against multiple domain comtrollers
We have a working setup of squid + samba + winbind to authenticate users belonging to the same domain (using NTLM). We have an immediate urgent requirement to support authentication against multiple Domains which are using their own Domain controller. There is NO Trust Relation between these Domain Controllers. I have searched through length and breadth of all available documents and discussions, but there doesn't seem to be any solution available. Please let us know if such a solution exists. I am eager enough to put in a few changes in the code (if this is what is required), but this would require a few pointers from this knowledgeable community. Thanks in advance, Mayank
Daniel Müller
2010-Nov-03 07:29 UTC
[Samba] NTLM Authentication against multiple domain comtrollers
Even in the windows world I don't believe this exists.. Keep me informed if this is possible ----------------------------------------------- EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de ----------------------------------------------- -----Urspr?ngliche Nachricht----- Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von Mayank Agrawal Gesendet: Mittwoch, 3. November 2010 01:51 An: samba at lists.samba.org Betreff: [Samba] NTLM Authentication against multiple domain comtrollers We have a working setup of squid + samba + winbind to authenticate users belonging to the same domain (using NTLM). We have an immediate urgent requirement to support authentication against multiple Domains which are using their own Domain controller. There is NO Trust Relation between these Domain Controllers. I have searched through length and breadth of all available documents and discussions, but there doesn't seem to be any solution available. Please let us know if such a solution exists. I am eager enough to put in a few changes in the code (if this is what is required), but this would require a few pointers from this knowledgeable community. Thanks in advance, Mayank -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Gaiseric Vandal
2010-Nov-03 16:15 UTC
[Samba] NTLM Authentication against multiple domain comtrollers
Could you create a an extra domain, which imports the accounts from all the other domains. If it is an ldap backend you can use ldap queries nightly to pull info out. if a TBD backend up can use smbpasswd to dump info out nightly. You may need to modify the data to make sure there are no duplicate uid's. Are there also unix accounts for all these users? If samba password sync is enabled, then unix pw's shouild be the same. Maybe you skip the NTLM component ? might give you more flexibility? On 11/02/2010 08:51 PM, Mayank Agrawal wrote:> We have a working setup of squid + samba + winbind to authenticate users > belonging to the same domain (using NTLM). We have an immediate urgent > requirement to support authentication against multiple Domains which are > using their own Domain controller. There is NO Trust Relation between > these Domain Controllers. > > > > I have searched through length and breadth of all available documents > and discussions, but there doesn't seem to be any solution available. > > > > Please let us know if such a solution exists. I am eager enough to put > in a few changes in the code (if this is what is required), but this > would require a few pointers from this knowledgeable community. > > > > Thanks in advance, > > Mayank > >