Samba, PAM and LDAP
I have successfully setup Samba 2.2.7, PAM, and Winbind
on a RedHat8 (Linux) computer so that a windows 2000
workstation can login to a Windows 2000 server domain,
and then browse and mapped a drive to Redhat8. All of
the users and groups information are residing on the
Windows 2000 server domain and not on RedHat8.
The limitation of Winbind is that if there are
multiple Linux computer that authenticate to a Windows
2000 server domain, then the same user on a Windows
2000 server domain would have a different UID (user
id) on each Linux computer that is running Winbind.
1) Alternatively, Can I implement the above scenario using LDAP, Samba 2.2.7 and PAM. In this case, Samba and PAM would be in the Linux computer, while the LDAP is in the Windows 2000 server. Of course, the LDAP database is built into the windows 2000 server. In this implementation, the Linux computer, do not contains any user, password, group or smbpasswd information. All users and groups info are in the windows 2000 server.
2) If indeed, the above can be implemented so that multiple Linux computer authenticating to a windows 2000 server will have the same UID and GID for the same user and group, then why is there a need for LDAP, Samba 3.0, and Kerberos authenticating to a windows 2000 server ?
3) What is the different between using using LDAP, Samba 2.2.7 and PAM from using LDAP, Samba 3.0 and Kerberos to authenticate against a Windows 2000 server PDC ?