[PLUG] authentication

Christopher N. Deckard cnd@ecn.purdue.edu
Mon, 01 Oct 2001 07:46:46 -0500 

Use SAMBA.  Use the following for a base domain logon thing.

</etc/samba/smb.conf>

[global]
         security = user
         status = yes
         workgroup = YOURWORKGROUP
         server string = %h server (Samba %v)
         encrypt passwords = Yes
         domain logons = yes
         # This automounts the home dir for the us
         logon home = "\\%L\%U"
         # This is the drive that it gets mounted under
         logon drive = H:
         # Location of the place where the profile gets stored
         logon path = "\\%L\%U\WIN\profile.pds"
         # You can create logon scripts here
         logon script = scripts\%U.bat
         # admin group, I'm not sure yet how this works...
         domain admin group = @adm
         # Allows for login of the root user under windows
         domain admin users = root
         os level = 65
#       add user script = /usr/sbin/adduser =n -g machines -c Machine
         update encrypted = Yes
         passwd program = /usr/bin/passwd %u
         passwd chat = *Enter\snew\sUNIX\spassword:* %n\n 
*Retype\snew\sUNIX\spassword:* %n\n .
         syslog = 2
         debug level = 0
         max log size = 1000
         socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 
SO_RCVBUF=4096
         preferred master = True
         local master = Yes
         domain master = True
         dns proxy = No
         invalid users = root

<//etc/samba/smb.conf>

http://us4.samba.org/samba/ftp/docs/textdocs/

Look at DOMAIN.txt and NTDOMAIN.txt.  There are other docs, and there is 
a how-to, but I can't find it without spending more time.  The samba 
distribution also comes with most of the docs.

I still need to work on managing windows groups and getting some 
programs to store their data on the network drive.  Outlook express 
likes to store everything locally.  This is bad as it doesn't get copied 
to the server at any point.  The above configuration only copies the 
profile back and forth from the server at login/logout.  It does do 
domain authentication.  You will also need to add an entry to 
/etc/passwd for the machine.  Read the docs on doing that as I don't 
remember all the steps.  Hope that points you in the right direction. 
Good luck.

-Chris

Brent Meshier wrote:

> Can someone describe how one would setup a Linux server to authenticate
> windows logins?  ie: when user logs into windows 98/2k box, it queries the
> linux box for correct username/password.  Once logged in they should be able
> to mount their home directory via samba.