Disable winbindd?
Craig White
craigwhite at azapple.com
Fri Oct 3 15:14:03 MST 2008
On Fri, 2008-10-03 at 11:17 -0700, Alan Dayley wrote:
> We have a Linux file server providing Windows shares with Samba. We
> need to stop using the Windows domain to authenticate users and use
> the server local user IDs and passwords for share access. I think
> this means we need to disable winbindd. But I'm not sure.
>
> What are the Samba settings we need to change and look at to get this done?
----
to disable winbindd...
A typical Red Hat system would set winbind as an authentication method
in padl_nss (/etc/nsswitch) and you can simply remove winbind from that
file.
to authenticate users from local system (i.e. /etc/passwd )...
you would set 'security = user'
you would have to add each user & password to smbpassdb (typically is a
tdb file since like 3.0.23 but previously was a flat file called
smbpasswd)...
i.e. if there is a POSIX user alan in /etc/passwd
smbpasswd -a alan
(whereupon you would get a prompt to set the samba password for the
samba user alan)
Samba cannot use /etc/passwd|/etc/shadow for passwords unless you
completely disable encrypted passwords (don't do it). Therefore, to have
the password in an encrypted hash that Windows and Samba can use, each
user must exist in the samba 'passdb'
Craig
More information about the PLUG-discuss
mailing list