- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Samba authentication to Windows
Operating System - HP-UX
1820879
Members
5207
Online
109628
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-30-2003 10:35 AM
тАО04-30-2003 10:35 AM
Samba authentication to Windows
Hi All, I have my unix servers to authenticate to windows. When a user changes his or her password on Unix, they don't need to change it on unix. we also have samba running on Unix. Now when a user changes password on windows, he or she has to go back and change the samba password. It looks like samba doesn't authenticate to the windows server. Everytime a user changes windows password, they have to go back in and change samba password. Here is a attachement of my smb.conf file. Any help is greatly appreciated. Management is on my tail to get this issue resolved asap. I will forever be grateful.
# Global parameters
[global]
workgroup = CORP
netbios name = TINMAN
security = DOMAIN
encrypt passwords = Yes
min passwd length = 6
username map = /usr/local/samba/lib/username.map
kernel oplocks = No
invalid users = root daemon bin sys adm uucp lp nuucp hpdb www
create mask = 0775
directory mask = 0775
oplocks = No
guest account = smbnull
log file = /usr/local/samba/var/log.%m
log level = 3
debug timestamp = Yes
max log size = 4096
[homes]
comment = Home Directories
read only = No
browseable = No
# Global parameters
[global]
workgroup = CORP
netbios name = TINMAN
security = DOMAIN
encrypt passwords = Yes
min passwd length = 6
username map = /usr/local/samba/lib/username.map
kernel oplocks = No
invalid users = root daemon bin sys adm uucp lp nuucp hpdb www
create mask = 0775
directory mask = 0775
oplocks = No
guest account = smbnull
log file = /usr/local/samba/var/log.%m
log level = 3
debug timestamp = Yes
max log size = 4096
[homes]
comment = Home Directories
read only = No
browseable = No
6 REPLIES 6
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-30-2003 10:40 AM
тАО04-30-2003 10:40 AM
Re: Samba authentication to Windows
Lots of docs you.
Jioning samba server to domain.
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B8725-90021/B8725-90021_top.html&con=/hpux/onlinedocs/B8725-90021/00/00/34-con.html&toc=/hpux/onlinedocs/B8725-90021/00/00/34-toc.html&searchterms=authenticate%7cwindows%7cCIFS&queryid=20030430-123737
Pam authentication/inegration.
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0x4225f608743fd711abdc0090277a778c,00.html&qt=CIFS+%2Bauthenticate+%2Bwindows&hit=1
Samba Server overview.
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B8725-90021/B8725-90021_top.html&con=/hpux/onlinedocs/B8725-90021/00/00/41-con.html&toc=/hpux/onlinedocs/B8725-90021/00/00/41-toc.html&searchterms=authenticate%7cwindows%7cCIFS&queryid=20030430-123737
Authentication on an NT-Domain
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc960ef70e827d711abdc0090277a778c,00.html&qt=CIFS+%2Bauthenticate+%2Bwindows&hit=5
Configuration help
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0x601736e69499d611abdb0090277a778c,00.html&qt=CIFS+%2Bauthenticate+%2Bwindows&hit=9
SEP
Jioning samba server to domain.
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B8725-90021/B8725-90021_top.html&con=/hpux/onlinedocs/B8725-90021/00/00/34-con.html&toc=/hpux/onlinedocs/B8725-90021/00/00/34-toc.html&searchterms=authenticate%7cwindows%7cCIFS&queryid=20030430-123737
Pam authentication/inegration.
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0x4225f608743fd711abdc0090277a778c,00.html&qt=CIFS+%2Bauthenticate+%2Bwindows&hit=1
Samba Server overview.
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B8725-90021/B8725-90021_top.html&con=/hpux/onlinedocs/B8725-90021/00/00/41-con.html&toc=/hpux/onlinedocs/B8725-90021/00/00/41-toc.html&searchterms=authenticate%7cwindows%7cCIFS&queryid=20030430-123737
Authentication on an NT-Domain
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc960ef70e827d711abdc0090277a778c,00.html&qt=CIFS+%2Bauthenticate+%2Bwindows&hit=5
Configuration help
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0x601736e69499d611abdb0090277a778c,00.html&qt=CIFS+%2Bauthenticate+%2Bwindows&hit=9
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-30-2003 10:44 AM
тАО04-30-2003 10:44 AM
Re: Samba authentication to Windows
Key text.
Step-by-step Procedure
Choose "Domain Member Server" when executing samba_setup. When prompted, you will need to add your domain Member Server machine account to the PDC.
For Windows NT: Go to the Windows NT PDC and create a machine account for the CIFS/9000 Member Server by performing the following steps:
Open the "start/programs/administrator/tools/server manager" tool.
Select the "computer/add to domain" icon and enter the host name of the CIFS/9000 Server.
Choose the "Windows NT Workstation or Server" option when you are asked for the computer type.
For Windows 2000: Go to the Windows 2000 PDC and create a machine account for the CIFS/9000 Member Server by using the Active Directory Controller Wizard.
The CIFS/9000 Server only supports NTLM security.
For Samba (including CIFS/9000): Go to the Samba Server acting as a PDC and create a machine account for the CIFS/9000 Member Server by following the steps provided in Chapter 4 section titled, "Create a Machine Trust Account." samba_setup will then perform the following commands for you:
smbpasswd -j NTDOM -r DOMPDC
The NTDOM parameter is the Windows NT domain name.
The DOMPDC parameter is the NetBIOS name of the Windows PDC machine.
Verify the following parameters in the smb.conf file:
[global]
security = domain
workgroup = NTDOM #Window NT or Samba Domain name
password server = DOMPDC
encrypt passwords = yes
SEP
Step-by-step Procedure
Choose "Domain Member Server" when executing samba_setup. When prompted, you will need to add your domain Member Server machine account to the PDC.
For Windows NT: Go to the Windows NT PDC and create a machine account for the CIFS/9000 Member Server by performing the following steps:
Open the "start/programs/administrator/tools/server manager" tool.
Select the "computer/add to domain" icon and enter the host name of the CIFS/9000 Server.
Choose the "Windows NT Workstation or Server" option when you are asked for the computer type.
For Windows 2000: Go to the Windows 2000 PDC and create a machine account for the CIFS/9000 Member Server by using the Active Directory Controller Wizard.
The CIFS/9000 Server only supports NTLM security.
For Samba (including CIFS/9000): Go to the Samba Server acting as a PDC and create a machine account for the CIFS/9000 Member Server by following the steps provided in Chapter 4 section titled, "Create a Machine Trust Account." samba_setup will then perform the following commands for you:
smbpasswd -j NTDOM -r DOMPDC
The NTDOM parameter is the Windows NT domain name.
The DOMPDC parameter is the NetBIOS name of the Windows PDC machine.
Verify the following parameters in the smb.conf file:
[global]
security = domain
workgroup = NTDOM #Window NT or Samba Domain name
password server = DOMPDC
encrypt passwords = yes
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-30-2003 10:46 AM
тАО04-30-2003 10:46 AM
Re: Samba authentication to Windows
In our setup we ask user to keep common password for both windows and Unix.
Say if the user changes his password on windows then user has been forced to change the password on unix if he/she wants to share samba drive. We don't use a separate password exclusively for samba.(Cifs)
-USA..
Say if the user changes his password on windows then user has been forced to change the password on unix if he/she wants to share samba drive. We don't use a separate password exclusively for samba.(Cifs)
-USA..
Good Luck..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-01-2003 03:47 AM
тАО05-01-2003 03:47 AM
Re: Samba authentication to Windows
There are 2 possible scenarios for cifs logins
in win 2k environment:
Traditional -
unix accounts/groups/passwords are local (/etc/passwd) or NIS/NIS+(LDAP) directory services.CIFS logins are mapped accordingly to
the user_map file,checked vs /etc/passwd.
Win accounts are on DC of course.Win/UX CIFS
client authenticates through DC.
So here you have 2 sources of authentication.
another scenario is when LDAP client is installed on HP-UX and uses Active Directory on
win2k for lookups,hp-ux clients can authenticate with Kerberos installed on DC,win clients should authenticate with Active Directory (i suppose ).In NT4 env - no AC therefore scenario wouldn't work.I know though
that CIFS/9000 client includes PAM module,can
play around with this.
And last one - need JFS 3.3 with ACL for file permissions schemes to work as on win2k.
Phaff..thats all I think,
Best regards,
Zeev
in win 2k environment:
Traditional -
unix accounts/groups/passwords are local (/etc/passwd) or NIS/NIS+(LDAP) directory services.CIFS logins are mapped accordingly to
the user_map file,checked vs /etc/passwd.
Win accounts are on DC of course.Win/UX CIFS
client authenticates through DC.
So here you have 2 sources of authentication.
another scenario is when LDAP client is installed on HP-UX and uses Active Directory on
win2k for lookups,hp-ux clients can authenticate with Kerberos installed on DC,win clients should authenticate with Active Directory (i suppose ).In NT4 env - no AC therefore scenario wouldn't work.I know though
that CIFS/9000 client includes PAM module,can
play around with this.
And last one - need JFS 3.3 with ACL for file permissions schemes to work as on win2k.
Phaff..thats all I think,
Best regards,
Zeev
So computers don't think yet. At least not chess computers. - Seymour Cray
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-01-2003 03:56 AM
тАО05-01-2003 03:56 AM
Re: Samba authentication to Windows
Sanjay,
Ah,also try these two:
password server =
unix password sync = Yes
Best regards
Zeev
Ah,also try these two:
password server =
unix password sync = Yes
Best regards
Zeev
So computers don't think yet. At least not chess computers. - Seymour Cray
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-01-2003 06:00 AM
тАО05-01-2003 06:00 AM
Re: Samba authentication to Windows
Sanjay,
If you want only user authentication from w2k lock the account on unix side.
James
If you want only user authentication from w2k lock the account on unix side.
James
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Learn About
News and Events
Support
© Copyright 2025 Hewlett Packard Enterprise Development LP