[Samba] UNIX accounts needed for machine accounts?
Lukas Haase
lukashaase at gmx.at
Wed Dec 16 05:01:01 MST 2009
Ralf Hornik Mailings wrote:
> Lukas Haase <lukashaase at gmx.at> wrote:
>> Is this necessary? Does it cause any problems?
>
> Only the samba DC must be able to access the machine objects. So if you
> plan to reduce the scope on your PDC, machine autentication, or joining
> a machine to domain will allways fail.
>
> On client side I can't see problems so far...
Hi,
Thanks for your reply.
Actually this is exactly whats the problem: On the PDC I want NOT to
have the external users in the system!
Is there any good solution for that?
It would be great if libnss-ldap would support users from different
trees (than I could take ou=int,ou=users AND ou=machines) but I guess
this is not possible...
Regards,
Luke
More information about the samba
mailing list