Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Dale Olberding on June 25, 2002, 07:38:21 PM

Title: Synchronize SME user accounts to Win2K
Post by: Dale Olberding on June 25, 2002, 07:38:21 PM

I am currently using an E-smith box as a domain controller.  I have all the users set up in the E-smith box.  I plan on adding a Win2K machine to my network for file storage and backup.  I was wondering if there is a way to synchronize the accounts from the SME box to the Win2K box.  I plan on leaving the E-Smith box as the domain controller, but I would like to add security on the Win2K directory structure using the user accounts on the SME box so I don't have to give the Everyone group permissions to the files.  Is this possible, or should I make the Win2K box the domain controller?

Title: Re: Synchronize SME user accounts to Win2K
Post by: Tyrone C. Miles on June 25, 2002, 08:55:45 PM

As far as I know it can't be done. There is no way to sync the Samba accounts with Win 2k. Even if you make the Win 2k server the Controler you will still have to make your e-smith accounts by hand.

Title: Re: Synchronize SME user accounts to Win2K
Post by: chris meredith on June 25, 2002, 09:51:14 PM

I think the newer versions of SAMBA can participate in an Active Directory domain if it is in mixed mode (supporting NT 4 DC).  Check samba.org for info.

Title: Re: Synchronize SME user accounts to Win2K
Post by: Damien Curtain on June 26, 2002, 03:21:47 AM

You shouldn't need to have the accounts local to secure the filesystems on the win2k machine.

You will need to modify the default permissions for each drive, there's many guides on the steps actually required to secure a filesystem on win2k.

Then when your setting security in the appropriate tab you select the domain rather than the local machine and then set permissions accordingly.
--
 Damien

Title: Re: Synchronize SME user accounts to Win2K
Post by: ralph on June 26, 2002, 01:08:45 PM

Hi Dale,
you will have to add your Win2k box to your samba domain ( as a member server ). Doing so will enable you to select users / groups from your domain as security principals on the win2k filesystem security dialog.

cheers,

Ralph

Title: Re: Synchronize SME user accounts to Win2K
Post by: Craig on June 26, 2002, 04:13:42 PM

I have been looking at this on and off for a little while.

I have some links with some infor that you may find very interesting I have listed them below:

http://www.css-solutions.ca/ad4unix/index.html
(Only problem here is that the passwords are kept in plain text on the server...not a big problem if the server is in a secure place and not connected directly to the internet.

http://online.securityfocus.com/infocus/1563
http://jaxen.ratisle.net/~jj/nss_ldap-AD_Integration_how-to.html
http://www.oo-services.com/articles/sso.html
http://www.padl.com/Contents/OpenSourceSoftware.html

Let me know how you get on.

Regards
Craig