[ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty..
Luke Kenneth Casson Leighton
lkcl at samba.org
Tue Apr 11 05:19:16 GMT 2000
iihhhhhh... *thinks*.
for a SAM-database-that-is-our-own-LDAP-server, only one set of config
options are needed.
for a
SAM-database-on-a-remote-system-that-happens-to-also-use-LDAP-as-its-back-end,
we don't care what it uses, we use NT-style DCE/RPC functions.
_however_, for uid/SID and gid/SID resolutions, we use SURS. that's
different.
so, potentially, these could be options in /etc/surs.conf.
On Tue, 11 Apr 2000 nazard at dragoninc.on.ca wrote:
> On 11 Apr, Luke Kenneth Casson Leighton wrote:
> >> Don't tie it to the user name. In some cases (i.e. LDAP) it would be
> >> much better to add another multi-valued attribute like "NTDOMAIN". That
> >> way we could use that account for multiple domains, or move domains
> >> easily.
> >
> > good idea.
>
> I've been thinking about this a bit since I'm raining on your parade <g>
>
> What if we added a config file/options so you can specify how to handle
> each domain. This would allow us to better support multiple backends.
>
> Maybe something like:
>
> [DRAGONREALM]
> Type = PDC
> NameDatabase = LDAP
> SambaDatabase = LDAP
> LDAP Server = blah
> LDAP blah ...
> EncryptPasswords = yes
> logon path =
> other domain related options....
>
> [TRUSTED_DOMAIN]
> Type = Trusted
> NameDatabase = Samba
> SambaDatabase = Samba
> Samba Server = Samba_Pdc
>
> [TRUSTED_DOMAIN_2]
> Type = Trusted
> NameDatabase = File
> GroupDatabase = File
> SambaDatabase = NT
> NT Server = NT_Pdc
> NameFile = /opt/samba/private/trusted_domain_2_users
> GroupFile = /opt/samba/private/trusted_domain_2_groups
>
>
>
> --
> Doug Nazar
> Dragon Computer Consultants Inc.
> Tel: (416) 708-1578 Fax: (416) 708-8081
>
<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href=" http://cb1.com/~lkcl" > Samba and Network Development </a>
<a href=" http://samba.org" > Samba Web site </a>
<a href=" http://mcp.com" > Macmillan Technical Publishing </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-ntdom
mailing list