Re: Fwd: Re: [squid-users] winbind authentication, mystical ?

----- Original Message -----
From: "Andrew Bartlett" <abartlet@samba.org>
To: "Jerry Murdock" <jmurdock@itraktech.com>
Cc: "Andrew Bartlett" <abartlet@samba.org>; "Squid-Dev (E-mail)"
<squid-dev@squid-cache.org>; "Henrik Nordstrom" <hno@squid-cache.org>
Sent: Saturday, July 06, 2002 9:29 PM
Subject: Re: Fwd: Re: [squid-users] winbind authentication, mystical ?

> Jerry Murdock wrote:
> >
> > ----- Original Message -----
> > From: "Andrew Bartlett" <abartlet@samba.org>
> You got away with specifying the netbios name of the pdc as 'password
> server'.
>
> > > Running smbd will allow the domain trust password to be changed, but
> > > provides no other benifit. (In fact, it might not even do that, if no
> > > users contact it...)
> >
> > So there is no way to change the trust pw with 2.2.x if the machine is
> > not serving smb clients?
>
> correct.
>
> > What happens on 2.2.x install if nothing ever triggers a change?
>
> Some PDC configurations might impose a 'maximum password age' on their
> users. I think this applies to machines as well.
>
OK, it's all falling into place as to why I haven't seen problems yet.

The next question would have to be what can be done to trigger a trust pw
change in smbd?

Would a script running on the squid box that used smbclient to log into a
local share be enough?

If so, and the user didn't want to run smbd, would you foresee any problems
with a cron script to load smbd, login, logout, kill smbd?

I can list out conditions and disclaimers in the how-to, but I'd much prefer
to go ahead and provide a workable(if not perfect) solution. The last thing
we need is for the winbind stuff to get a black eye because it stops working
"mysteriously" 30 days after install.

Thanks,
Jerry
Received on Sat Jul 06 2002 - 22:29:09 MDT