Hi there, I am trying to come up with a solution to the current Samba authentication woes on the gateway server for our distributed file system. We currently use an smbpasswd file on the gateway server for authentication, which is not a secure way and requires each user to be specifically added in.
I do not have much experience with Samba, so I am still learning quite a bit as I jump from documentation to documentation and look at the relevant source code. My hope is that there is a way around ADS membership for the gateway server. Our gateway server is diskless and, as I understand, it would require the ADS administrator password every time it reboots.

I would like to delegate the authentication to the metadata server, which can already do the authentication locally, or with ADS. It currently uses ntlm_auth in ntlm-server-1 mode and passes in username/password when accessing the filesystem from a regular client running our file system driver. If I can get the encrypted password to the metadata server, is there a way to use ntlm_auth to play the challenge/response game for authentication? It seemed possible from a few posts on the list, but I was unable to find documentation other than the manpage.

Using mode = server and the Samba server running on the metadata server as the password server could be another option, but details there are very hazy for me.

Thanks,
-m.
