20.3 What Winbind Provides

Previous page
Table of content
Next page

Winbind unifies UNIX and Windows NT account management by allowing a UNIX box to become a full member of an NT domain. Once this is done the UNIX box will see NT users and groups as if they were " native " UNIX users and groups, allowing the NT domain to be used in much the same manner that NIS+ is used within UNIX-only environments.

The end result is that whenever any program on the UNIX machine asks the operating system to lookup a user or group name, the query will be resolved by asking the NT Domain Controller for the specified domain to do the lookup. Because Winbind hooks into the operating system at a low level (via the NSS name resolution modules in the C library), this redirection to the NT Domain Controller is completely transparent.

Users on the UNIX machine can then use NT user and group names as they would " native " UNIX names. They can chown files so they are owned by NT domain users or even login to the UNIX machine and run a UNIX X-Window session as a domain user.

The only obvious indication that Winbind is being used is that user and group names take the form DOMAIN\user and DOMAIN\group . This is necessary as it allows Winbind to determine that redirection to a Domain Controller is wanted for a particular lookup and which trusted domain is being referenced.

Additionally, Winbind provides an authentication service that hooks into the Pluggable Authentication Modules (PAM) system to provide authentication via an NT domain to any PAM-enabled applications. This capability solves the problem of synchronizing passwords between systems since all passwords are stored in a single location (on the Domain Controller).

20.3.1 Target Uses

Winbind is targeted at organizations that have an existing NT-based domain infrastructure into which they wish to put UNIX workstations or servers. Winbind will allow these organizations to deploy UNIX workstations without having to maintain a separate account infrastructure. This greatly simplifies the administrative overhead of deploying UNIX workstations into an NT-based organization.

Another interesting way in which we expect Winbind to be used is as a central part of UNIX-based appliances. Appliances that provide file and print services to Microsoft-based networks will be able to use Winbind to provide seamless integration of the appliance into the domain.


Previous page
Table of content
Next page
Official Samba-3 HOWTO and Reference Guide
The Official Samba-3 HOWTO and Reference Guide, 2nd Edition
ISBN: 0131882228
EAN: 2147483647
Year: 2005
Pages: 297
Authors: John H. Terpstra, Jelmer R. Vernooij
BUY ON AMAZON
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
Mapping Hacks: Tips & Tools for Electronic Cartography
File System Forensic Analysis
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
Cultural Imperative: Global Trends in the 21st Century
Understanding Digital Signal Processing (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy