Comments on: Authentication Servers, the Next Generation

By: oes tsetnoc

oes tsetnoc — Mon, 28 Sep 2009 02:10:34 +0000

Fantastic, straight to the point and very usable … wish all documentation was the same .

By: Mike Renfro

Mike Renfro — Sat, 23 Feb 2008 20:43:58 +0000

I agree that the netbios alias is about the only way to accomplish exactly what you’re after. In my case, none of our dual-boot systems offer print or file services to anyone — all that is handled primarily by dedicated servers, and occasionally by systems that don’t dual-boot. Long term, you may decide to do similarly — you don’t necessarily want to risk rebooting during someone’s print job or other use of the SMB share.

EDIT: oh, and I guess I didn’t explicitly mention that I use the above smb.conf exclusively on regular workstations that just need winbind and Active Directory authentication. The fileserver, webserver, etc. all get different configurations.

By: Charlie Redditt

Charlie Redditt — Sat, 23 Feb 2008 18:19:20 +0000

Attaching a prefix to the hostname (%h) avoids the Jekyll and Hyde issue of both installs trying to both join the domain using the same netbios name.

But consider my situation where a dual boot box (XP/Ubuntu) has a shared printer and shared drives. I would like it so that other users on the network don’t have to know what OS the dual boot box is currently running in order to access that machine’s printer or shared drives.

I’ve tried getting both to use the same machine account name, SID, and password, (using things like NETDOM.exe and “net -f CHANGESECRETPW” but so far not much luck.

I know it’s possible for two different OS installs to share the same machine account, as M$ actually makes provisions for this, due to the necessity of disabling automatic machine acct password changes if it’s going to work over time.

see http://support.microsoft.com/kb/154501

But getting Linux and Windows to share, I don’t know…

There may be an easier way, however, using netbios aliases instead of actually using the same machine account. After all, I’m mostly concerned with how things appear on the network than the actual accts.

see http://www.hostingforum.ca/293959-re-samba-linux-active-directory-integration-problem.html

By: Lindsay Holmwood

Lindsay Holmwood — Wed, 05 Dec 2007 00:23:26 +0000

Fantastic guide. It’s great to see this sort of quality documentation for Puppet appearing.

By: Mike Renfro’s Blog : Directory Servers

Mike Renfro’s Blog : Directory Servers — Wed, 31 Oct 2007 15:38:01 +0000

[...] I don’t use automount, and the vast majority of UID/GID mappings I already covered in the Authentication Servers post, though it may technically belong here. One other thing at the bottom of the [...]

By: Mike Renfro’s Blog : The New File Server: Puppet and Modules

Mike Renfro’s Blog : The New File Server: Puppet and Modules — Thu, 02 Aug 2007 23:52:02 +0000

[...] an entire followup artcle for my authentication notes, I’ll hold off on that part for now which can be found here. But the Amanda configuration code, that’s worth talking about [...]