HPE Community
Operating System - HP-UX
1819743 Members
3081 Online
109606 Solutions
New Discussion юеВ

Re: Multiple password server in samba

 
PVR
Valued Contributor

тАО08-23-2004 02:51 AM

тАО08-23-2004 02:51 AM

Multiple password server in samba

Hi Champs

I want to give authorization from users of two different domains to HP Unix samba server.

Can I specify multiple password servers in the "password server" option"

Thanks !!
Don't give up. Try till success...
0 Kudos
Reply
5 REPLIES 5
Franky_1
Respected Contributor

тАО08-23-2004 02:59 AM

тАО08-23-2004 02:59 AM

Re: Multiple password server in samba

Hi,

you can specify a list of comma separated servers
For example

password server = ,

Regards

Franky
Don't worry be happy
0 Kudos
Reply
Franky_1
Respected Contributor

тАО08-23-2004 03:00 AM

тАО08-23-2004 03:00 AM

Re: Multiple password server in samba

Hi,

you can specify a list of comma separated servers
For example

password server = ,

(Server1 could be a PDC and Server2 a BDC for example)

Regards

Franky
Don't worry be happy
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

тАО08-23-2004 03:02 AM

тАО08-23-2004 03:02 AM

Re: Multiple password server in samba

Don't think so. Multiple entries in the "password server" entry are intended for redundancy only according to the smb.conf man page. (i.e. If the first DC in list isn't responding, the next one is tried.)
--
Jeff Traigle
0 Kudos
Reply
Sundar_7
Honored Contributor

тАО08-23-2004 05:38 AM

тАО08-23-2004 05:38 AM

Re: Multiple password server in samba

hmm I doubt it. As mentioned above, multiple password servers in the smb.conf file is meant for load balancing and to prevent single point of failure.

But if your domains are trusted, you could give it a try. Try both security=domain and security=server options.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
eric roseme
Respected Contributor

тАО08-23-2004 05:51 AM

тАО08-23-2004 05:51 AM

Re: Multiple password server in samba

It's true that the "password server" smb.conf parm allows multiple entries for redundancy only. But your question about "password server" implies that you were inquiring about the ability to join multiple domains from one server, which you cannot do. When you join a domain, your encrypted domain trust password is written to /var/opt/samba/private/secrets.tdb. You cannot have two domain passwords in the tdb, or two secrets.tdb files (in case you were thinking about using smb.conf includes).

However, that is not your only option.

If your Samba logon domain is trusted by the other domain, your Samba pass-through authentication for the trusting user will be validated, assuming that you have local UNIX users set up. Samba 3.0 with winbind has better trusting and mapping than 2.2, but 2.2. will work too.

Also, you can use "user" security on your Samba server and not join either domain. Then you will authenticate each user share access with the local Samba server authentication (probably smbpasswd, but on 3.0 you can specify other password tdb backends with the passdb smb.conf parm).

Eric
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.