Date: Fri, 02 Mar 2001 17:11:22 -0800 From: Jason Liao <maillist@Gallantry.com> To: Christoph Sold <so@server.i-clue.de> Cc: igorr@crosswinds.net, Christoph Sold <so@i-clue.de>, questions@FreeBSD.ORG Subject: Re: Samba and NIS Message-ID: <3AA044BA.6F1AB33E@Gallantry.com> References: <20010302094032.A5369@linux.rainbow> <3A9FA0DF.AD106559@i-clue.de> <20010302164117.A8178@linux.rainbow> <3A9FA662.FF3761A8@i-clue.de>
next in thread | previous in thread | raw e-mail | index | archive | help
If your workstations are Windows 98/2000, or NT 4 with service pack 3 and above, Samba needs to use the encrypted password authentication. In this case, Samba maintains its own password file. However, you can change the Windows registry to force the workstations to use plain text password. This way it probably will work with NIS. I have never done that though. Jason Christoph Sold wrote: > > Igor Robul schrieb: > > > > On Fri, Mar 02, 2001 at 02:32:15PM +0100, Christoph Sold wrote: > > > > > > > > > Igor Robul schrieb: > > > > > > > > Hello, > > > > > > > > Had anybody tried use Samba with NIS authentification on FreeBSD? > > > > > > Although I use both NIS client and Samba server on the same machine, I > > > still have my Samba clients to authenticate against a NT 4 domain. > > > > > > AFAIR, Samba uses its own passwd file, so you have to define either > > > another NIS map manually, or just NFS-mount the directory containing the > > > smbpasswd file. > > I just wish to tell Samba use Unix password, so I don't need maintain > > two password bases. Also, I don't have NT servers on network. > > I know that Samba can be authentificated against NIS+ or LDAP. > > > > >From man smb.conf: > > NOTE ABOUT USERNAME/PASSWORD VALIDATION > There are a number of ways in which a user can connect to > a service. The server follows the following steps in > determining if it will allow a connection to a specified > service. If all the steps fail then the connection request > is rejected. If one of the steps pass then the following > steps are not checked. > > If the service is marked "guest only = yes" then steps 1 > to 5 are skipped. > > 1. Step 1: If the client has passed a username/pass- > # word pair and that username/password pair is vali- > # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > # dated by the UNIX system's password programs then > # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > the connection is made as that username. Note that > this includes the \\server\service%username method > of passing a username. > > Note the sentence above. This means, if _any_ password mechanism can > validate the username/passwd pair, the user will be able to access. Just > add a user account to your unix box. > > HTH > -Christoph Sold > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AA044BA.6F1AB33E>