security = server
Jim Morris
Jim at Morris.net
Sun Jan 14 20:23:33 GMT 2001
Hello Stephen,
Sunday, January 14, 2001, 2:05:52 PM, you wrote:
SL> If you're only using 'security = server', then your samba server does *not*
SL> have to be in the same domain as the machine it's authenticating against.
SL> Indeed, if you're using 'security = server', your Samba server isn't in a
SL> domain at all. This is different than the behavior of 'security = domain',
SL> where you'll always be authenticating against the PDC for the domain you're
SL> in.
Hmmm. It looks like I need to go review the differences between "server" and
"domain" security with Samba. It's been a while since I've
authenticated Samba logons against an NT PDC - more recently, I've
been going the other way - authenticating NT workstation logons
against a Samba PDC.
SL> ... modulo the use of inter-domain trust relationships. With trust
SL> relationships, each PDC would be able to authenticate users for all of the
SL> trusted domains.
Well, I guess I'm confused as to how to make that happen in an NT PDC
environment. I know with Samba, I could have several Samba servers,
with all of them set to use the same logon server. However, how do I
logon from an NT workstation using one domain, and gain access to
another domains resources? Typically in NT, when you browse a share
on a domain that you did not logon to, you are prompted for the
username and password for that share - not the domain.
I am guessing that you can administer relationships between the PDC
and multiple domains using the NT server manager or user manager for
domains? Guess I need to crank up VMWare, and play with my "virtual"
install of NT Server 4.0....
Best regards,
Jim mailto:Jim at Morris.net
More information about the samba-ntdom
mailing list