HPE Community
Operating System - HP-UX
1751923 Members
4718 Online
108783 Solutions
New Discussion юеВ

Trusted System and Samba

 
Mark Fenton
Esteemed Contributor

тАО06-19-2004 06:32 AM

тАО06-19-2004 06:32 AM

Trusted System and Samba

Haven't seen this one discussed, or even referenced -- is Samba compatible with trusted system?

We are looking at trusted system to handle some of the security goals we have (user account lockout for failed password attempts, password history and triviality, user auditing) but have requirements for both Samba host and client access to and from the UNIX.

Any insights or directions to where to find info appreciated.
0 Kudos
Reply
9 REPLIES 9
Jonathan Kamminga
Advisor

тАО06-19-2004 08:46 PM

тАО06-19-2004 08:46 PM

Re: Trusted System and Samba

Hi Mark,

I picked up this pdf earlier this year:

http://de.samba.org/samba/docs/Samba-HOWTO-Collection.pdf

Chapter 15 & 16 may be of interest to you...

Rgds,

Jon.
0 Kudos
Reply
Jonathan Kamminga
Advisor

тАО06-19-2004 08:53 PM

тАО06-19-2004 08:53 PM

Re: Trusted System and Samba

Mark,

Looks like this link is broken now, try this one:

http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.pdf

Rgds,

Jon.
0 Kudos
Reply
Mark Fenton
Esteemed Contributor

тАО06-21-2004 04:49 AM

тАО06-21-2004 04:49 AM

Re: Trusted System and Samba

Good link -- I had thought to look on the Samba web site, but was hoping that HP had some specific documentation on the topic that would be helpful.

The link you provided doesn't really address the issue that I'm asking, though.

The issue is that we want to get some of the login and user tracking/control features of HP-UX Trusted System, but so far as I know, CIFS-9000, the HP version of Samba 2.x uses NIS to do a bunch of its work. And as NIS doesn't run under trusted system, this potentially prevents our using CIFS-9000 if we go to 'Trusted system'. Hmmm.

Any other ideas?
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО06-21-2004 06:00 AM

тАО06-21-2004 06:00 AM

Re: Trusted System and Samba

Real Life:

We do it here

3 of the 4 systems I manage are trusted and all 4 systems are running cifs/9000 with shares avaialble.

We have not intergrated the setup into our Primary Domain controller, so we used the smbpasswd -a to set up the users.

One quirk: When the main password expires the old samba password does not. If you want those to change integrate with a PDC or rum the smbpasswd command on a regular basis.

It works nice, no problems no issues, no errors.

To directly deal with your issues you will probably need to intergrate with a domain controller based on the experience posted above.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
John Kittel
Trusted Contributor

тАО06-21-2004 09:52 AM

тАО06-21-2004 09:52 AM

Re: Trusted System and Samba

We are running samba on two of our HP-UX 11i systems, serving file shares to our Windows NT domain PCs. Samba set up to do Domain authentication against our Windows domain controllers ( user logs in on PC to domain, the Samba shares for which the user is enabled are automatically available to the user without re-authenticating). Works great. I learned how to do that with just the standard Samba documentation that comes with the distribution.
0 Kudos
Reply
John Kittel
Trusted Contributor

тАО06-21-2004 09:53 AM

тАО06-21-2004 09:53 AM

Re: Trusted System and Samba

forgot to mention, our HP-UX systems are trusted.
0 Kudos
Reply
Mark Fenton
Esteemed Contributor

тАО06-21-2004 09:54 AM

тАО06-21-2004 09:54 AM

Re: Trusted System and Samba

Thanks, Steve. I only have the one, lonely UNIX box in a Windows Desert, so it's hard to test much before I implement it.

I just was remembering how much trouble I had when the Windows Admin here switched the DNS server to a different box, and the errors I got in trying to go the opposite direction (UNIX to Windows using cifsclient).

Thank you all for your assistance.
0 Kudos
Reply
Darren Prior
Honored Contributor

тАО06-21-2004 09:14 PM

тАО06-21-2004 09:14 PM

Re: Trusted System and Samba

Hi Mark,

I believe you may have got a little confused - CIFS has ties with NFS rather than NIS ;)

As others have stated, there shouldn't be a problem running CIFS on a trusted box. I also run a trusted CIFS server as a test box.

regards,

Darren.
Calm down. It's only ones and zeros...
0 Kudos
Reply
Bharat Katkar
Honored Contributor

тАО06-21-2004 09:22 PM

тАО06-21-2004 09:22 PM

Re: Trusted System and Samba

Hi,
See if this helps.


http://lists.samba.org/archive/samba/1999-October/015043.html

Regards,

You need to know a lot to actually know how little you know
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.