[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: psm_smb



On Thu, Jul 25, 2002 at 03:39:29PM -0500, Mike Renfro wrote:
> On Thu, Jul 25, 2002 at 02:51:24PM -0500, Steve Langasek wrote:
> > On Thu, Jul 25, 2002 at 04:20:57PM -0400, Subba Gaddamadugu wrote:
> > > can pam_smb be used for NTLM authentication?

> > For passing authentication through to a Windows domain, you should use
> > pam_winbind instead.  pam_smb is no longer maintained.

> Is there any way with pam_winbind to keep UIDs in sync across multiple
> machines? At one time, we had looked at using winbind for
> authenticating our Linux and Solaris hosts to our PDC, but the UID
> mismatching among machines was a major stumbling block. We replaced it
> with a combination of pam_smb and synchronizing local /etc/passwd
> files among the hosts.

> Is there a simple way to have one machine (the file server would be a
> primary candidate) handle winbind, and then offer UIDs to the other
> hosts via ldap or some other network method, in effect chaining the
> authentication process?

Not really, because there's no good way to inject the information from
winbind into LDAP.  However, if you had a Samba domain controller, you
could have all of your SID->UID mappings made available via LDAP, and
share these out to all Unix machines equally.

Steve Langasek
postmodern programmer

Attachment: pgp00008.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []