[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Fri, 23 Sep 2011, Rob Beard wrote:
On 23/09/11 16:45, Gordon Henderson wrote:Bit of an oddity here... Got a small network of Linux servers, all running NIS and exporting filesystems via NFS - works well. They now need Win clients to access it, so the obvious answer is Samba. That's fine, but authentication is the issue - what gives these days? The last time I did anything non trivial, I arranged samba to authenticate to the Linux password file (via NIS), which worked really well, and punters used the same login/password to access shares on several servers, however it required the clients to have the "enable plain-text password" registry setting which I understand is deprecated these days. Any suggestions? It's really quite some time since I've looked at all this for anything other than a trivial installation.Personally for my own server I add the users as normal users and then use smbpasswd -a username to add the user and create a samba password for them. However I gather it is possible to use LDAP too, I just never really looked into it that hard.
That's basically what I've done for now - LDAP might be the answer to "everything", but right now it's not on the cards. (There are time contraints to this too)
On my machines I haven't used the plain text registry hacks in a few years, I remember using them years ago (probably about 2003/2004) with Samba, but at least with the Samba version that comes with Ubuntu Server 10.04 (3.4.7) it doesn't need the registry modification.
The big issue is having 2 password files - on a single server - on multiple servers (I have 4 Linux servers) the bigger issue is allowing the clients to connect to a 'drive' on each server using the same username & password (and it's OK right now to have to login to each server to mount a network drive - very few people will need more than 2).
Maybe give them the choice? If they're running XP Home, Vista Home or Windows 7 Home then they won't be able to join the domain anyway, but as long as their username and password is the same as on the domain then they won't have to manually login to the server when they want to access something on it.
There are PCs/Laptops running 'home', so the while domain thing is probably not a good idea - at least to start with.
Having to logon to each server will be OK if it comes to that, as long as they all use the same username/password (per person)
Cheers, Gordon -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq