Hi all! I was hoping someone could point me in the right direction...
I am running Solaris10, and 3.04 Samba (we might use 3.0.32)
What I want to do:
I want to provide samba shares to our Windows clients with single sign on
Currently what I have:
I have a samba server providing shares for the windows clients
I manually use the following command for every user
smbpasswd -a username
default pass
confirm default pass
Now, to provide single sign on...
The user has to press CTRL + ALT + DEL and point to our Samba server;
input username and default pass and then use their current AD password which will provide promptless access to our samba shares as long as their AD password and smbpasswd are the same.
Now the problem is that the AD passwords change every month which makes this manual intervention rather tedious...
My Question:
I wanted to know what is the simplest (and best) way to provide synced AD password and Samba password, so when a user changes their AD password, the smbpasswd will be updated as well.
Now is this even possible?
Please let me know, as I am still learning and I am a little stumped...
If anyone knows any good docs, or correct terminology to help me search for this more appropriately, it would be greatly appreciated!!
Looking over the samba docs ( http://us3.samba.org/samba/docs/using_samba/ch04.html ) I believe what you need is "Samba as a Domain Member Server" so that Samba will pass off auth details to the domain controller instead of managing its own list of accounts.
My experience with AD and Samba is very limited so I might be way off course; I posted what seemed to make sense to me and is a best guess.
Is there anybody out there that knows of a solution?
We have an LDAP server that can query for AD information; we can make our Solaris box running the Samba server an LDAP client but currently the box is setup with NIS
Is there any other possible way for AD to update the smbpasswd on the Samba server so users would only need to change their AD password once every few weeks as opposed to changing their AD password as well as their smbpasswd?
Any solutions with Samba or cheap alternatives?
Any help of any sort would be greatly appreciated!