Joining a Domain on a multiple-domain Server

Frederik Meerwaldt Meerwaldt at t-online.de
Fri Apr 7 16:25:06 GMT 2000 

I know how it is set up, thanks, but I want to know how I can configure
the client things (see my original mail (logon to Domain1 via
Masterdomain)) on the samba box.
And BTW: I _do_ know NT very well.

--

Best regards,
	Freddy

Homepage: fmeerwaldt.homepage.com
Last update: 11.03.2000
Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a
little bit about me. 
------------------------------------------------------------------------
NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix.
------------------------------------------------------------------------

On Fri, 7 Apr 2000 dqpr10 at canal-plus.fr wrote:

> 
> This is not a samba question, this is a NT domain management question.
> 
> 
>                        MASTERDOMAIN
>                              |
>            +-----------------+----------------+
>            |                 |                |
>         DOMAIN1           DOMAIN2          DOMAIN3
> 
> MASTERDOMAIN:	authentification domain
> DOMAIN1/2/3:    "data" domains, they have to approve MASTERDOMAIN
> 
> You should have your accounts base into MASTERDOMAIN PDC and DOMAIN1/2/3
> approving the MASTERDOMAIN.
> This will ensure accounts connected into the MASTERDOMAIN domain to view
> ressources holded by DOMAIN1/2/3. The next step is to define Global
> Groups
> in the MASTERDOMAIN domain to pass the trust relationship.
> 
> IE:
> Let's say DOMAIN1 is for sales, you have a share on the DOMAIN1 PDC's
> for salers:
> 
> \\DOMAIN1_PDC\sales
> 
> Ensure DOMAIN1\Administrators have the following members:
> 	DOMAIN1\Domain Administrators
> 	MASTERDOMAIN\Domain Administrators
> 
> You can create a LOCAL group in DOMAIN1 called L_SALES, then create a
> GLOBAL group
> in MASTERDOMAIN called G_SALES.
> Set share security for \\DOMAIN1_PDC\sales to:
> 	DOMAIN1_PDC\Administrators	Full Control
> 	DOMAIN1_PDC\L_SALES		Modify
> Add NTFS security if you really want a secured share.
> Add MASTERDOMAIN\G_SALES as member of DOMAIN1\L_SALES.
> Add users in MASTERDOMAIN\G_SALES, they'll have access to
> \\DOMAIN1_PDC\sales.
> 
> The workaround is the same for DOMAIN2 & DOMAIN3.
> 
> Use MASTERDOMAIN as the LOGON domain and DOMAIN1/2/3 as private domains.
> If you wish to use DOMAIN1/2/3 as logon domain for certain users, they
> won't be
> able to access other domains' ressources if they don't have an account
> on them
> too. If you wish to add a private user to more than one sub-domain (ie:
> DOMAIN1 &
> DOMAIN2), ensure they have the same name & passowrd (as Windows clients
> tests against
> matching username/password first).
> 
> Note that if you have a real file server (that is not a DC), that'll
> obviously
> works the same.
> 
> 
> I suggest learning NT before trying Samba.
> 
> Meerwaldt at t-online.de a Иcrit :
> > 
> > Hi all,
> > 
> > I want to replace a NT 4 Server with a FreeBSD Server running Samba. Now
> > we have in our company a Domain, which supplies multiple domains. In NT4 I
> > enter in the Join a domain field a domain (Let's say alldomains) and when
> > I log on, I see 3 domains (which this domain supplies). Do you know what I
> > mean? But I can't logon to alldomains directly. I have to log on to
> > DOMAIN1 (this domain is supplied by the main-domain alldomains). Now I
> > want to join the Domain DOMAIN1, but I want to share folders with users of
> > other domains (which supplies the main-domain alldomains, too), too. For
> > example: I tell Windows NT 4 to join a domain. Domain
> > Name: alldomains. Username to Join is: DOMAIN1\frederik and my normal
> > password. Then it tells me, that I have successfully joined the domain
> > alldomains. At the Login Screen I see the domains DOMAIN1, 2 and 3. But I
> > log on to DOMAIN1.
> > 
> > My Questions:
> > 
> > - How can I log on to DOMAIN1 over the main-domain alldomains
> > - When I share a directory, I have to create a local user, and then I
> > share the directory and the username will be verificated with the PDC of
> > the Domain I am logged on to. But now, I am logged on to Domain1 and want
> > to let a user, which is on Domain2, access the share. How do I have to do
> > this?
> > 
> > Hope I have explained my question clearly. If there are any further
> > questions, ask. THANKS IN ADVANCE
> > --
> > 
> > Best regards,
> >         Freddy
> > 
> > Homepage: fmeerwaldt.homepage.com
> > Last update: 11.03.2000
> > Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a
> > little bit about me.
> > ------------------------------------------------------------------------
> > NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix.
> > ------------------------------------------------------------------------
> 
> -- 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> =- Benoit Boudeville            | CANAL+ Technologies            -=
> -= Computer System Engineer     | 34, place Raoul Dautry         =-
> =- mailto:bboudev at canal-plus.fr | 75516 Paris Cedex 15           -=
> -= Tel: 01.71.71.55.83          | Fax: 01.71.71.55.77            =-
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

More information about the samba-ntdom mailing list