Hello:
Yashpal Nagar wrote,
> Dear All,
> I have hetrogeneous network of win2k, windoz NT ,win98 and windows XP.
Don't we all! ;)
> Now i have installed mail server on sendmail, with squid and now
> running samba in his own domain. I have made the POP3 users as the
> system level accounts. i.e PAM,
> NOW what i want to ask is that is it possible that all the windoz m/c gets
> authenticated for login into the windows , browsing (through squid) ,and
> email (already happening ...) through linux m/c which uses PAM.
You can force all SMB authentication to /etc/passwd via PAM by disabling
encrypted password an all your Win9x/NT/XP workstations and servers. You
can find the .reg for enabling plain text passwords in the Samba
package.
BUT, I would advice against this unless you are not at all concerned
about people snooping for passwords on your network. The other downside
is that you _might_ end up breaking a lot of PDC functionality by not
using NT/LM hashes.
> But samba does has it's own authenticating module SMB, Can it be
> configured to use PAM authentication or any one of them. Please
> assist something so that all the authentication is through PAM or SMB
> only.
A better solution would be to force all auth to the Samba password
backend (smbpasswd) using the pam_smb module.
User -> PAM -> pam_smb -> Samba -> smbpasswd
Windows -> Samba -> smbpasswd
This get you the following:
- Hashed passwords
- Single password backend
- Efficient password changes
- PAM compatibility
- Single Sign On (SSO) solution
Moreover, this is a scalable solution too. If you add more servers later,
you can run the Samba "winbind" daemon on every UNIX server for
authentication against the Samba (or Windows) PDC.
-- Shanu
--
Be valiant, but not too venturous.
Let thy attire be comely, but not costly.
-- John Lyly
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
