pavement

WINBIND

From FreeBSDwiki
Revision as of 14:48, 17 October 2007 by DrModiford (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

WINBIND is a service that originates from source code intended to give Samba the Domain Controller functionality of Windows NT. It now exists as an authentication subsystem of NSSwitch.

The main use of this service is in conjunction with Samba to authenticate against Active Directory (or classic NT Domains) for shares hosted by Samba. In other words a Windows user who signs in against Active Directory can access a Samba share on FreeBSD and for that share to be secured for access by that user's Windows account or group memberships. So a share can be limited to those in the Active Directory group 'Accounts Team' or simply the user 'Bob'.

It is also possible to use WINBIND in other PAM-enabled services, such as ftp, imap, kde-np pop3, ssh, xdm, su and telnet in order to authenticate users against Active Directory.

The SSH service can be configured to use WINBIND and utilise a support utility called pam_mkhomedir to automatically create a home directory (typically '/home/DOMAINNAME/Username/') following a successful login.

Personal tools