Subject: Re: We love DHX. As for Samba...
From: Matthew Geier (matthew@arts.usyd.edu.au)
Date: Mon Sep 25 2000 - 23:00:04 EDT
andrew morgan wrote:
>
> On Mon, 25 Sep 2000, Marc Miller wrote:
>
> > We use NIS for most of our password validation, so we've been very pleased
> > with the availability of DHX login encryption. Now, I know this is a bit
> > off-topic, but I wasn't sure if the SMB folks would even know what DHX
> > was. Is there a way to have the password encrypted during transmission to
> > be compared to the NIS database? (I'm told it would be a relatively
> > simple matter if our passwords were in the /etc/passwd file)
>
> I'm not sure what you are asking here exactly...
>
> If you are asking if you can DHX encrypted mac logins with NIS, then the
> answer is yes. The DHX module should use regular getXXbyYY calls, which
> will include NIS information. This works with PAM as well.
If you mean 'why doesnt samba use DHX and thus not need the smbpasswd
file', blame M$. Apple provided multiple authentication methods and the
latest one is good for Unix systems, Apples' 'Rannum' can't be used with
the Unix password file either. Samba however has to work with the Lanman
hash system M$ uses. If you want to use NIS with windows NT (and Samba)
there is a replacement 'GINA' that uses NIS for authentication not M$
domain protocol. However the replacement doesnt have the same
functionality as the M$ domain authentication module.
-- Matthew Geier matthew@arts.usyd.edu.au Arts IT Unit +61 2 9351 4713 Sydney University
This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:32:14 EST