Salut,
Pour l'instant, mettre un machine Linux avec samba en tant que PDC (ou BDC) dans un
reseau contenant d'autres serveur Windows NT (BDC) n'est pas franchement realisable.
Que cette machine participe a l'authentification des utilisateurs (plus de 1000),
n'est pas realisable.
En plus, si on veut utiliser les outils Microsoft (comme le gestionnaire des serveurs,
gestionnaire des utilisateurs du domain...), cela est impossible.
Seul samba-tng emule une machine NT(PDC ou BDC) et les outils Microsoft ne voient que
du feux.
Jettes un coup d'oeil a WHATSNEW.txt
A+
-----Message d'origine-----
De : Rosaire AMORE [mailto:[EMAIL PROTECTED]]
Envoy� : mardi 24 juillet 2001 17:22
� : [EMAIL PROTECTED]
Objet : Re: [Confirme] samba-tng
Salut
Personnellement, j'ai pu, bien que non sp�cialiste de samba, faire fonctionner un
serveur samba sous Linux de telle sorte qu'� l'autre bout (winmachin) on aurait
cru qu'il y avait un acc�s contr�l� par un PDC NT.
Et c'est pas tr�s dur. Si tu (Andr�) connais NT, tu dois mieux comprendre que la
moyenne les param�tres � fixer dans le /etc/smb.conf (y'en a pas mal dont je ne
sais pas � quoi �a correspond).
J'ai m�me pu faire fonctionner le stockage de profils utilisateurs "s�curis�" sur
le PDC.
Voili
Rosaire
Spl urf a �crit :
> es-tu sur que samba 2.2.0 ne permet pas d'utiliser une station unix
> comme PDC?
>
> Duclos Andre wrote:
>
> > Bonjour a tous,
> >
> > Quelqu'un d'entre vous a deja utilise samba-TNG ? www.samba-tng.org
> > Pour info, samba-tng fait ce que ne fait pas samba : PDC,...
> >
> > Je cherche un smb.conf qui fonctionne en PDC
> >
> > Merci
> >
> > ---------------------------------
> > Andre DUCLOS
> >
> > CS-SI (Centre Spatial Guyanais)
> >
> > Tel : 0594 334421
> > Fax : 0594 333588
> >
> > [EMAIL PROTECTED]
> > ---------------------------------
>
> --
> La densit� de probabilit� de la distribution Fermi-Dirac et
> Bose-Einstein devient la meme que celle de Maxwell-Boltzman a haute
> temperature.
> .
>
>
> ______________________________________________________________________________
> ifrance.com, l'email gratuit le plus complet de l'Internet !
> vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
> http://www.ifrance.com/_reloc/email.emailif
WHATS NEW IN Samba (The Next Generation) 2.6
============================================
This is an ALPHA release of Samba TNG, the UNIX based SMB/CIFS file,
print and login server for Windows systems.
This release is to enlist the help of people who are unable to use
cvs (http://samba.org/cvs.html) in a major development project to
integrate Samba into a Windows NT (tm) Domain environment - the
NT Domains for Unix project.
If you are running Windows 9x and do not forsee the need for or
need to use any Windows NT Workstations on your network in the near
future, you will not need Samba TNG or any of its functionality.
Major changes in Samba TNG
--------------------------
There are many major changes in Samba TNG. Here are some of them:
1). Windows NT (tm) Primary Domain Controller compatibility
-----------------------------------------------------------
Samba TNG can act as a Primary Domain Controller to Windows NT 3.5,
4.0 and 5.0 (in 4.0 backwards-compatible mode) Workstations. Backup
Domain Controller and Inter-Domain Trust Relationships are at an
early, but functional and very hands-on, stage.
2). Support for Windows NT (tm) Administrative tools
----------------------------------------------------
Significant in-roads have been made into providing support for at least
the following Windows NT (tm) tools and services:
- User Manager for Domains
- Server Manager for Domains
- Event Log
- Service Control Manager
- Registry Editor
- Command Scheduler
- NT-style Printing
A command-line tool named rpcclient, with a command-syntax similar to
smbclient, has over sixty five commands that provide equivalent
functionality for the same Windows NT (tm) Administrative tools,
including the ability to remotely shut down a Windows NT (tm) Server.
rpcclient has now been joined by net, samedit, regedit, ntspool,
eventlog, lsa, cmdat and svccontrol. If anyone can think of better
names for these, suggestions are welcomed.
3). Portability
---------------
Samba is now self-configuring using GNU autoconf and libtool, removing
the need for people installing Samba to have to hand-configured
Makefiles, as was needed in previous versions.
You now configure Samba by running "./configure" then "make". See
docs/textdocs/UNIX_INSTALL.txt for details.
The use of libtool dramatically reduces the size of samba binaries.
As we are using libtool in a slightly different way from usual,
you may encounter run-time or compilation errors, so please report
them to us.
4). New SAM Database Daemons
----------------------------
The SAM database daemon, samrd, is being considered "legacy", and
the aim is to replace it. To this end, some new SAM database
daemons are being developed - samrtdbd and samrnt5ldapd.
They will need to be run with their counterparts, netlogontdbd or
netlogonnt5ldapd. None of these are built as part of the standard
make, they have to be explicitly built because they are in
development: samrd and lsarpcd are compiled by default.
5). pam_ntdom and winbindd
--------------------------
The Windows Bind Daemon and the Plugin Authentication Module for NT
Domains are now part of the Samba TNG Development effort.
winbindd presents, when installed using nsswitch, a unix-like view
of a Windows NT Domain environment, allowing Unix applications and
the Unix Operating system to enumerate NT users, groups and aliases
as Unix users and groups.
pam_ntdom, when installed as part of a PAM-enabled Unix Authentication
system, allows Unix users to be authenticated against a Windows NT
Domain environment.
@begin marketing-speak
" The powerful combination of winbindd and pam_ntdom allows Unix
to be integrated seamlessly into Windows NT Domain environments,
which moves us closer to the Holy Grail of 'Single Sign-on'. "
@end marketing-speak
=====================================================================
NOTE - Some important information
---------------------------------
Samba TNG up to alpha-0.3 required that the samba server be joined.
to its own Domain. This requirement has been removed.
It is important that you read the source/README file for
instructions, and it is recommended that you join [EMAIL PROTECTED]
for update information and status reports. For details, please see:
http://lists.samba.org/
=====================================================================
NOTE - Primary Domain Controller Functionality
----------------------------------------------
This version of Samba contains code that correctly implements
the undocumented Primary Domain Controller authentication
protocols. However, there is much more to being a Primary
Domain Controller than serving Windows NT logon requests.
A useful version of a Primary Domain Controller contains
many remote procedure calls to do things like enumerate users,
groups, and security information, 98% of which Samba TNG currently
implements.
This work is being done in the CVS (developer) versions of Samba,
development of which continues at a fast pace. If you are
interested in participating in or helping with this development
please join the Samba-NTDOM mailing list. Details on joining
are available at :
http://lists.samba.org/
Details on obtaining CVS (developer) versions of Samba
are available at:
http://samba.org/cvs.html
For this version, use a tag of SAMBA_TNG
=====================================================================
NOTE - Known Bugs
-----------------
It is *not* recommended that this version of Samba be run in a
production environment, for at least the following reasons:
1) The new MSRPC architecture forks() one MSRPC daemon per incoming
service request. The msrpc daemon stays around for as long as
the remote server maintains a connection to it. An investigation
is underway to attempt to minimise the number of outstanding
connections, because a *single* NT user logon can result in up to
5 or 6 msrpc daemons waiting around, doing nothing but take up
process table space.
Connection reuse has now been added and debugged: the number of
incoming connections is reduced but still fairly large.
2) Windows 9x style domain logons are reported to not work
currently. If we have more information on this, this might be
fixed in the future. Also this version of Samba if mainly
targetted at NT developments.
3) Printing is currently also not completely functional,
because it is being developed in another tree and at times
we try to merge this back into this tree.
=====================================================================
If you have problems, or think you have found a bug please email
a full, detailed report to:
[EMAIL PROTECTED]
As always, all bugs are our responsibility.
Regards,
The Samba Team.
