Hello, yes, Oliver, you remember right :-)
To sum it up: There is no easy and secure way to migrate users and passwords from a NT machine to Linux (or any other Unix for that matter). Since you have to somehow get your passwords over, I'd be inclined to take a better aproach (which is IMHO completely going to Kerberos or better yet Secure-ID).
This is the point where I stop understanding... Kerberos left, better secure-id right, I have no idea how to implement this when transfer user data from NT to linux. Okay, when following the different meanings I got the idea to set up linux as BDC (is this possible ?) and to get the user-data from the still-existing NT-PDC. But, when doing this, I only get the accounts for login to the domain, and not "REAL" users being able to use POP-account and linux-account and so on. Okay, it could be possible to crack the accounts with l0pht or others, but this is not the main problem. Maybe I did not make it clear. SO here's the complete position: The client actually has an NT machine acting as - file-server - PDC - getting mail from our system and distribute it to the different local accounts dependig on the "to:"-field (fetchmail and procmail would be the solution when linux would be running, but with NT this is hard to manage for some reasons; this is one of the main-reasons for his interest in switching to linux) - and some other small, unimportant, services There are actually about 500 acounts (yes, five hundred) and he only has the PW of about 100. The other accounts changed the PWs themselves. Some accounts are only loggin gin at the domain from time to time, so just taking temporare PWs and to force them to change it themselves would be difficult to handle. So he asked if it would be possible to import the user-data to linux. I'm somewhat familiar with Linux, but actually I'm just learning to cope with NT/2000 (doing training with the goal MCSE, but this is in the future; just BTW) So I know that I know nothing :-)) and asked here for assistance. The transfer of the user-accounts should be made under best possible security, as the normal work has to got on meanwhile and noone withing the domainspace should be able to get other user-data in any way. Does anyone have any ideas how to make this possible ? Thanks again for your help until now (and in advance for further assitance) --- -------------------------------------------- Stephan M. Ott // OKDesign oHG Internet-Providing und Netzwerkmanagement smo@okdesign.de ..... http://www.okdesign.de fon. +49 961 3814139 .. fax. +49 961 3814140 mobil 0171-8351130 ... oder ... 0171-7858064 --------------------------------------------