Hi - I have been attempting to set up Samba to do authentication against a Windows 2K Domain Controller as well as NT PDCs. I have installed Winbindd, Samba, and compiled with PAM and updated my smb.conf, pam.conf file and the other stuff in the installation guide. The objective of all of this is to allow an application running on top of Solaris to authenticate the users logging into the application against an Active Directory or NT domain.
We do not want to maintain any of these users as UNIX accounts or even Samba accounts if we can help it. When I read through the man pages and HowTo documentation it at first seemed that this was possible using Winbindd and PAM. Upon closer investigation it looks like the users must have UNIX accounts and smbpasswd accounts to enable the challenge/response authentication - is this true? I am also confused as to whether PAM is relevant since the majority of documentation states that it only works with clear-text passwords and W2K and NT require passwords to be encrypted. Can someone elaborate on this relationship please? I am about ready to give up and say that this cannot be done. BTW - I can run through the DIAGNOSIS.txt tests successfully up to Test 7 and the user accounts I am testing with are valid in AD. In addition, I have read through many of the mailing list postings and the error I get back on test seven is the same as many others - NT_STATUS_LOGON_FAILURE, the log says - auth2 challenge failed - NT_STATUS_ACCESS_DENIED. Thanks in advance for your help - Christine Adcock Content Management Team BV Solutions Group, Inc. 10950 Grandview Drive Overland Park, Kansas 66210 (913)458-2332 mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
