multi-domain authentication

daedalus daedalus at
Wed May 5 01:29:20 GMT 1999

I've currently got samba version 2.0.0 running on a Sun Enterprise 10,000
domain to allow people to access files on the unix server by mapping
drives. This works quite nicely for those people who have accounts as
members of the domain the samba machine belongs to.

My problem is that we have _many_ NT domains here, and users belong to
different ones. I would like to be able to provide access to them all
without having to maintain a separate password list for the samba server
(using security = user).

Can samba try a list a domains in order when in security = domain mode? I
know it will search the list of password server's but only if it can't
contact the first in the list for some reason.

ie: I would like to somehow have either:

password server = DOMAIN_A_PDC, DOMAIN_B_PDC, DOMAIN_C_PDC, etc..

or in each service:

valid users = \DOMAIN_A\user1, \DOMAIN_B\user2

such that the PDC for the domain the user belongs to is the one queried by
samba for authentication.

Is this possible?

|      Justin Warren        | justin.warren at        |
|   Systems Administrator   | daedalus at             |
| Mayne Nickless Express IT | |
| Just because you're paranoid doesn't mean they're NOT after you...  |

More information about the samba-ntdom mailing list