LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-25-2003, 10:13 AM   #1
BoldKiller
Member
 
Registered: Apr 2002
Location: Montreal, Quebec
Distribution: Debian, Gentoo, RedHat
Posts: 142

Rep: Reputation: 15
User database


I am working in a mixed Win NT/2000 and Linux environment.

I was wondering if there was a way to share the user account between the two. I know samba can use NT domain controller to authenticate users wanting to acces a share but I need more than that.

The best would be to create one set of user name and password in one environment, and be able to use it to log on the linux boxes as well as on the Win NT/2000 boxes.

Thanks for any help.
 
Old 03-25-2003, 10:58 AM   #2
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
You want to give NT usernames shell access to the linux boxes?
 
Old 03-25-2003, 11:11 AM   #3
BoldKiller
Member
 
Registered: Apr 2002
Location: Montreal, Quebec
Distribution: Debian, Gentoo, RedHat
Posts: 142

Original Poster
Rep: Reputation: 15
Not exactly, (sorry if it was unclear)

let me give an example.

A new person needs an account to work. I log in my NT box (as admin) open user domain manager and create a new username for the guy with a password. Now, the guy can log on every Windows workstation that uses my domain controller.

Now what if the guy as to go sit in front of a linux workstation. he needs to log in. But his username and password he was using in Windows, is not valid on the linux box. So I would need to log on linux as root, create a new user and password for the guy.

Now the problem is when the guy want's to change is password, he needs to change his password at two places.

I was wondering if there were a way, either for linux or windows, to use the user database of the other one.

I suspect it would be aesier for linux to use windows user database than the other way around.

Sorry again if the first post was not completely clear.
And thanks for the fast answer.
 
Old 03-28-2003, 02:20 PM   #4
BoldKiller
Member
 
Registered: Apr 2002
Location: Montreal, Quebec
Distribution: Debian, Gentoo, RedHat
Posts: 142

Original Poster
Rep: Reputation: 15
Does it (the absence of reply) mean it can't be done??
 
Old 03-28-2003, 02:40 PM   #5
Blindsight
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 234

Rep: Reputation: 30
user logins

I would give linux access on a per user basis. Meaning, not everyone's going to use linux. (Or perhaps for your purposes they would?) But anyway, you'd only be cluttering your linux box by adding every user that's on the domain to it.

If you wanted to make it easier for yourself, you could write a little cgi/html form to add the user to the linux box for you, though it should only take a few seconds to add a user to your linux box anyway.

Comments, complains, b*tches, moans? Let me know what you think or if my understanding needs improved.
 
Old 03-28-2003, 03:13 PM   #6
SlickWilly
Member
 
Registered: Dec 2002
Posts: 327

Rep: Reputation: 30
au contraire...

>Let me know what you think or if my understanding needs improved.

Let me enlighten you my friend.

http://nic-ks.greatplains.net/samba/winbind.html

winbind.

contained within samba 2.2. Lets you authenticate users on your linux box against your Windows PDC without creating entries in /etc/passwd

The link above is a nice one - gives you an overview of what winbind is, and a how-to on getting it configured.

Life is good... flowers are pretty, and users are happy

Slick.
 
Old 03-28-2003, 03:53 PM   #7
bahamat
Member
 
Registered: Mar 2003
Distribution: Debian
Posts: 158

Rep: Reputation: 30
Set up Samba to be the PDC and force all NT boxen to authenticate against it.

You now have a single point of authentication.
 
Old 03-28-2003, 04:08 PM   #8
SlickWilly
Member
 
Registered: Dec 2002
Posts: 327

Rep: Reputation: 30
Um.. no.

Sorry to say this, but Windows 2000 will not play nicely with a samba pdc.

As it stands, at this minute in time, you can't reliably set up a samba machine to be a pdc while Windows 2000 machines are joining up.

When samba TNG is finished you might be able to do that, but currently your best *stable* *working* environment is to host the PDC on a 2k machine and have your linux authenticate to the windows machine.

This guy is in a *corporate* environment and no matter how well your (or my) home networks work with our 2 or 3 machines doing smb'ish things back and forth, it simply doesn't translate into a workplace where you have many users, admin tasks and stuff you do with domains that don't happen at home.

I could be out of date on this, but when I last looked at SambaTNG it wasn't ready yet, and you certainly can't do this with Samba 2.x

Slick.
 
Old 03-28-2003, 04:35 PM   #9
Blindsight
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 234

Rep: Reputation: 30
eh

I wasn't asking if someone else thought their idea superseded my own, I was asking if my understanding of his situation was being accomplished.

In a networking environment I admin, I know that I don't want all users to f*ck with linux. This increases the load on the help desk for someone that wants to mess with the server in their free time for non-work related issues. (even if we had to tell them that when they called, that's still a load that needs considered.) Not mentioning the load put on the server. And, of course, there's the "power user" profile, among many others that would just add added strain to the server.

In conclusion, winbond may be great in an environment where all users knew both sides of the OS house for general operating purposes, but this utopia doesn't exist in a large scale office.

Last edited by Blindsight; 03-28-2003 at 04:36 PM.
 
Old 03-28-2003, 06:40 PM   #10
BoldKiller
Member
 
Registered: Apr 2002
Location: Montreal, Quebec
Distribution: Debian, Gentoo, RedHat
Posts: 142

Original Poster
Rep: Reputation: 15
Thanks slickwilly, that is exactly what I was looking for. Having the linux boxes as part of the domain is perfect. It will reduce problem with double passwords and so on.

Blindsight:
Your points are extremely valid, but all the users in my situation are computer engineers and programmers. We all need access to both windows machines and linux machines.

Although I have not finished reading the doc, I suppose winbind is able to control user access on linux in the same way you can do it in a win NT environment. If it is the case, all the user security settings can be easily modified from one single location.

(example: if someone quits, his login can be remove from the systems easily. Windows or linux alike)

Thanks again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
creat MySQL database for each user ? Data-Base SUSE / openSUSE 3 03-07-2005 03:42 PM
MySQL - command - create user/single database dmedici Linux - Software 3 06-21-2004 04:17 PM
The User Database Cannot be Read andrewrees Linux - Newbie 1 05-01-2004 03:44 PM
User database management homerjpbody Linux - Newbie 1 12-01-2003 04:10 PM
Central user database? darkfame Linux - Networking 1 11-02-2003 05:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration