Bill Antonia
Beacon Community College
Home e-mail bill@beaconhillcott.freeserve.co.uk
Work e-mail at@beacon.e-sussex.sch.uk
 
Just a note to say hello and say how we use Linux
We currently use 4 Linux machines, one for proxy internet access, one as a router (firewall!) between our curriculum and administration networks and two to provide inter subnet communications through the use of samba. Both networks use NT servers to control the individual domains however this means a user would have to log on once for the home domain and then repeatedly for each share connected to on the remote domain. To get around this I use samba and smbmounts.
1. Set samba to do server security on the password NT server within its domain and make that Linux box as a part of that domain.
2. Make sure all your users are added to the user list on Linux box. You could set their passwords to * in /etc/shadow so the cannot telnet.
3. Create a directory on the Linux box which you wish your users to connect. This directory can be left empty!
4. Make sure that the directory created is shared through samba.
5. Use smbmount to connect to the other domain using a high enough user/password to give your users access to the other domain.
SuSE 6.1 had a bit of bother at this point unless you had used a patch or had recompiled the kernel.
SuSE 6.3 has no problems!
mount the remote share using
smbmount //remoteservername/sharename /mountpoint -U username%password
A nice thing about this is you can decide which machines can connect to the samba server if those machines use fixed IP addresses. Note that all the users take on the user identity of the connection to the remote domain and also their security. One way to restrict the connection is to change the access rights of the users on each share within samba.
6. Finally place appropriate NET USE commands in your login scripts to the samba server within your domain. And hey presto you connect directly to the shares on the remote domain when you log in.
 
This is one way, to enable connection in the reverse, set up another samba server in the remote domain pointing back. You only need to use one network card in each machine but it probably would enhance performance if they bridged the two subnets, this has not been tested.
You can even create home directories on the Linux box which dynamically connects to the remote home directory of that user by using the preexec option to smbmount the remote home share and postexec to unmount the remote share.
 
Hope anybody finds this of use
Bill