samba-users August 2010 archive
Main Archive Page > Month Archives  > samba-users archives
samba-users: [Samba] enable client to join domain with no or any

[Samba] enable client to join domain with no or any password?

From: David Mathog <mathog_at_nospam>
Date: Tue Aug 17 2010 - 20:33:25 GMT

I am trying to automate W7 joining to our Samba domain. It works fine
through the Windows GUI from the W7 workstations. However, for a script
one would have to store password used for domain access, and since that
is the server's root password, I really don't want to hard code that
into a file.

Is there a way to set (temporarily) a Samba server so that it will
accept (admin/anything) as valid credentials for joining a domain, where
"anything" is any string, not just the password?

That is, something like this:

server: set client_machine accept_only_password
client: (powershell)
  $myCred = New-Object System.Management.Automation.PSCredential \
  Add-Computer SAMBA_domain -cred $myCred
(FAILURE, wrong password)
server: set client_machine accept_any_password
client: (powershell)
  Add-Computer SAMBA_domain -cred $myCred
(SUCCESS, wrong password, does not matter)
server: set client_machine accept_only_password

That way the password would never be stored on the client. It should be
safe enough since the security hole is only opened for a single machine,
and then only for a limited time.


David Mathog
Manager, Sequence Analysis Facility, Biology Division, Caltech
-- To unsubscribe from this list go to the following URL and read the instructions: