A question about NT Domains

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Apr 9 11:49:29 GMT 1998 

On Thu, 9 Apr 1998, Paul Leach wrote:

> Everyone is totally confusing a user logging in to a domain with a
> workstation being a member of a domain.

to clarify (possibly!): workstations have their own usernames / passwords
with which they can verify, to the PDC, that they are in fact a member of
the domain.

why do you (samba-ntdom) think we had to extend the smbpasswd command?

	smbpasswd -add --machine WKSTA_NAME


> Just the facts, ma'am:

ta, paul :-)

> A workstation can only be a member of one domain; a user account can exist
> in only one domain. A human user can have many accounts.

this is my understanding of the situation.  i also believe, but would
appreciate confirmation, that [one or more different] users can use the
same named user account [in only one domain] and log in multiple times, to
the same [one] domain.

for example, you can log in from the same three locations:

1) the ctrl-alt-delete box
2) an exchange server
3) an SMBsessionsetupX (SMB file/print/IPC$ services)

all three above pass the username / domain / password.

> A user in domain A can log in to a WS in domain B if domain B trusts domain
> A, and that user can access anything in either domain if they are on the ACL
> for the object being accessed.

[the object being, but not limited to: a file/directory; an IPC pipe; the
right to log in from a physical machine; the ability to run as a
service: there are of the order of twenty / thirty objects].

 
> Paul
> 
> > -----Original Message-----
> > From: Gerald W. Carter [mailto:cartegw at Eng.Auburn.EDU]
> > Sent: Wednesday, April 08, 1998 12:22 PM
> > To: Multiple recipients of list
> > Subject: Re: A question about NT Domains
> > 
> > 
> > Bruce Cook wrote:
> > > 
> > >  > Nope.  Only member of one domain at a time.
> > > 
> > > Ummm.   Am I missing something ?
> > > 
> > > What's that domain list box in the login dialog on your NT WS for ?

1) the local machine's accounts (under the workstation name)
2) the domain account (that your workstation is a member of)
3) trusted domains (that your PDC has a trust relationship with other
PDCs)


> > > 
> > > Are you saying that the samba domain browsing isn't working, or that
> > > as user can't log onto any domain on the local network he chooses.
> > > 
> > > I haven't installed as WS since 3.51 so I maybe misremembering
> > > something)
> > 
> > Hmmm...Unless I am missing something here as well.  When you join a
> > domain ( samba or otherwise ) you must leave the current 
> > domain to join
> > another.  The popup menu at the login prompt allows you to choose
> > between the network domain or the local machine.

and any trusted domains.

> > 
> > 
> > 
> > j-
> > ______________________________________________________________
> > __________
> >                             Gerald ( Jerry ) Carter	
> > Engineering Network Services                           Auburn 
> > University 
> > jerry at eng.auburn.edu             
> > http://www.eng.auburn.edu/users/cartegw
> > 
> >        "...a hundred billion castaways looking for a home."
> >                                   - Sting "Message in a 
> > Bottle" ( 1979 )
> > 
>

More information about the samba-ntdom mailing list