run prog to create policy? + our setup
Gerald Carter
cartegw at Eng.Auburn.EDU
Tue Sep 1 13:20:38 GMT 1998
Paul Dekkers wrote:
>
> Hmm... is it possible with the preexec command too? I'd make
> at about 700 accounts, and I think the policy file would
> become too big and it would become to complex to create an
> entry for each user... So if I can easily copy the data when
> the group is different to the file... Is it possible that
> normal users then get the data of an extended user?
Why not setup your [netlogon] share something like this..
[netlogon]
path = /usr/samba/netlogon/%G
This is off the top of my head (and so hasnt't been tested).
Souncds like it should work though. Then you can keep a
separate policy file for each unix group.
> BTW, are groups not possible under NT or not because SAMBA
> is unable to deliver the group information?
Samba curently oes not return the group information. Some
of them are supported ( WELL-KNOWN groups such as "Domain Admins").
> Maybe then serving using an NT server is a better idea,
> however I'd like to use the passwords from my unix server, and
> it saves a lot of money when just using an unix box...
You're the only one who can make the decision for your
site :)
> is 18p10 a good idea, or should I experiment with 2.0.0alpha?
Nope. You;ll have to go with the alpha code.
> (it's still not possible to use the account information on
> the unix server with nt isn't it?)
You do still have to keep a separate smbpasswd curently.
Paul, I'm sending this to the samba-ntdom list in case someone
else has some ideas for the Samba PDC setup.
j-
________________________________________________________________________
Gerald ( Jerry ) Carter
Engineering Network Services Auburn University
jerry at eng.auburn.edu http://www.eng.auburn.edu/users/cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-ntdom
mailing list