Hi,
Samba 2.2.2 is out and the winbind daemon is now part of the standard
Samba distribution. Unfortunately, Tru64 is considered unsupported for
winbind.
Winbind has two functions:
The first is to allow the system to enumerate users and groups in an NT
domain (when samba is in domain authentication mode) and to create a
local mapping to the NT accounts and groups. A range of UIDs and GIDs
are used by the mapping function. This allows winbind to generate
pseudo password and group files that can be passed to supported systems
via the nsswitch (name service switch), in a similar fashion as YP and
LDAP users are passed to the system.
The second is to allow for authentication of users (for logins) against
the NT domain. This is accomplished via PAM on supported systems.
I've got little interest in the second function, but I do have great
interest in the first. It should allow you to control access to a
samba share by using the NT groups on the domain!
Unfortunately, Tru64 does not use the extensible nsswitch system that
Solaris and Linux uses. We have the svc.conf which only understands
local (files), yp, and bind (hostnames only). This effectively locks
us out of using this system to access winbind data.
I have seen references to an SIA module to allow access to account data
on LDAP servers. Are there any SIA experts out there working on, or
interested in working on, an SIA module for winbind? I keep seeing
presentations where Compaq proclaims the superiority of the SIA system
over PAM and similar systems, but nobody ever seems to code anything
for it.
Thanks in advance,
Tom
--
+-----------------------------------+---------------------------------+
| Tom Webster | "Funny, I've never seen it |
| SysAdmin MDA-SSD ISS-IS-HB-S&O | do THAT before...." |
| webster_at_ssdpdc.lgb.cal.boeing.com | - Any user support person |
+-----------------------------------+---------------------------------+
| Unless clearly stated otherwise, all opinions are my own. |
+---------------------------------------------------------------------+
Received on Tue Nov 13 2001 - 20:37:28 NZDT